This is a CI-only code review workflow that scans pull requests for simplification opportunities and security hardening gaps without mutating any code. It runs headless checks on changed files only, emits structured YAML findings split by severity (critical/advisory), and can block merges based on configurable gates. The documentation is refreshingly honest about a real constraint: CI agents lack the full implementation context of the original author, so findings are treated as review signals rather than auto-applicable fixes. You get scan-and-report behavior with optional merge blocking, plus a learning-loop hook that feeds recurring patterns back into your agent's context rules. Good fit if you want automated quality gates in PRs without the risk of CI making unreviewed code changes.
npx skills add https://github.com/pskoett/pskoett-ai-skills --skill simplify-and-harden-ci