Secure Code Review Playbook
A step-by-step flow for installing trusted review skills and validating a secure review pipeline.
Prerequisites
You have a repo ready for review and an agent configured with skills.sh.
Steps
Install and configure
Step 1
Install the top trusted review package
Copy the install command for the highest-trust package so the agent can load review workflows immediately.
agentworks/secure-skills
Curated, low-risk skills for code review, research, and triage.
npx skills add agentworks/secure-skills
Step 2
Add a secondary linting package
Install a secondary package to compare findings and ensure coverage of code quality issues.
studio-nova/ops-skillbox
Operations automation skills with clear guardrails and install docs.
npx skills add studio-nova/ops-skillbox
Verification
Confirm the skill commands run on a recent pull request and capture risks in a summary report.
Troubleshooting
If the install fails, re-run the command with network access enabled and verify that the repo exists.
Notes
This playbook walks you through a secure code review setup using trusted skills.