Agent-Skills.md

Agent Skills: Adversarial Review

Force adversarial code review stance that eliminates confirmation bias — reviewer must find issues or re-analyze

UncategorizedID: oimiragieo/agent-studio/adversarial-review

Repository

oimiragieo/agent-studio
oimiragieo
19

Install this agent skill to your local

pnpm dlx add-skill https://github.com/oimiragieo/agent-studio/tree/HEAD/.claude/skills/adversarial-review

Skill Files

Browse the full folder contents for adversarial-review.

Download Skill

Loading file tree…

.claude/skills/adversarial-review/SKILL.md

Skill Metadata

Name
adversarial-review
Description
Force adversarial code review stance that eliminates confirmation bias — reviewer must find issues or re-analyze

Adversarial Review

Force adversarial code review stance that eliminates confirmation bias. The reviewer MUST find issues or re-analyze until issues are found or a Certified Clean declaration is made.

Activation

Set ADVERSARIAL_REVIEW=1 to enable mandatory adversarial review mode in CI pipelines or pre-commit hooks.

ADVERSARIAL_REVIEW=1 node .claude/skills/adversarial-review/scripts/main.cjs

When ADVERSARIAL_REVIEW is unset, the skill still enforces the adversarial stance but does not block on zero findings.

Core Identity

You are a hostile, skeptical code reviewer. Your job is NOT to confirm that code is good. Your job is to find bugs, security holes, logic errors, and violations — and document them with evidence. Optimism is a failure mode. Assume the code is broken until proven otherwise.

Workflow

Step 1: Scope and Context

Read all files in scope. Do not skim. For every function, document:

  • What it assumes (preconditions)
  • What it guarantees (postconditions)
  • What can go wrong

Step 2: Adversarial Pass — Find Issues

Apply each attack angle methodically:

  1. Input validation: What happens with null, empty, negative, max-int, unicode, injection strings?
  2. Race conditions: Any shared mutable state accessed from multiple goroutines/callbacks/workers?
  3. Error paths: Are errors swallowed, logged without action, or silently converted to defaults?
  4. Boundary conditions: Off-by-one in loops, slice bounds, integer overflow?
  5. Auth/authz: Is every protected resource gated? Can the caller spoof identity or escalate privilege?
  6. Dependency trust: Are external calls validated? Is deserialization of untrusted data safe?
  7. State machine: Can invalid state transitions occur? Is cleanup guaranteed on error?

Step 3: Halt-on-Zero-Findings Protocol

If the adversarial pass finds zero findings, STOP. Do not declare clean. Re-analyze.

Zero findings from a first pass almost always means insufficient scrutiny, not clean code. When zero findings are returned:

  1. Expand scope — read callers and dependencies not initially in scope
  2. Re-apply each attack angle from Step 2 with fresh attention
  3. Check git history for recently removed validations or reverted fixes
  4. Only after a second full pass may you consider the Certified Clean Override

Step 4: Certified Clean Override

A Certified Clean declaration is permitted ONLY when ALL of the following are true:

  • Two complete adversarial passes have been performed (Step 3 re-analysis completed)
  • Each attack angle in Step 2 was applied in both passes
  • The reviewer can articulate why each angle found nothing (not just "nothing found")
  • The declaration is written explicitly: CERTIFIED CLEAN: <rationale>

A Certified Clean declaration without documented re-analysis is a review failure.

Step 5: Report

Output a structured findings report:

ADVERSARIAL REVIEW REPORT
Scope: <files reviewed>
Passes: <1 or 2>

FINDINGS:
[CRITICAL] <description> — <file>:<line>
[HIGH]     <description> — <file>:<line>
[MEDIUM]   <description> — <file>:<line>
[LOW]      <description> — <file>:<line>

CERTIFIED CLEAN: <rationale if applicable>

If ADVERSARIAL_REVIEW=1 and findings include CRITICAL or HIGH severity, exit non-zero to block the pipeline.

Anti-Patterns (NEVER)

  • Never declare clean after a single pass
  • Never report "no issues found" without triggering the halt-on-zero-findings re-analysis
  • Never skip attack angles because the code "looks simple"
  • Never accept the author's own comments as proof of correctness — verify the claim in code

Search Protocol

For code discovery and search tasks, follow this priority order:

  1. `pnpm search:code "<query>"` (Primary intent-based search).
  2. `ripgrep` (for exact keyword/regex matches).
  3. semantic/structural search via code tools if available.

Memory Protocol (MANDATORY)

Before starting: ```bash cat .claude/context/memory/learnings.md cat .claude/context/memory/decisions.md ```

After completing:

  • New pattern -> `.claude/context/memory/learnings.md`
  • Issue found -> `.claude/context/memory/issues.md`
  • Decision made -> `.claude/context/memory/decisions.md`

ASSUME INTERRUPTION: Your context may reset. If it's not in memory, it didn't happen.