This is a structured code review tool that walks through your branch changes with a security-first mindset. It forces a complete read of the full diff, maps every attack surface (user inputs, database queries, auth checks), then runs through a checklist covering injection, XSS, authorization bypasses, race conditions, and the other usual suspects. The five-phase approach is methodical to the point of being rigid, which is probably the point. It requires you to account for every file and checklist item before giving conclusions, so you can't skip the boring parts. Good for catching the embarrassing stuff before it ships, though the thoroughness means it's overkill for trivial changes.
npx skills add https://github.com/davila7/claude-code-templates --skill find-bugs