review-pr
warpdotdev/common-skills
Review pull request diffs and write structured feedback to review.json for workflow publication.
What is review-pr?
Review a checked-out PR by analyzing pr_diff.txt and pr_description.txt artifacts, then output machine-readable feedback to review.json instead of posting directly to GitHub. Use this when you need to produce structured review output that a workflow can consume and publish.
- Analyzes annotated PR diffs with line-level precision using [OLD:n], [NEW:n], and [OLD:n,NEW:m] markers
- Writes structured review.json with verdict, body, and inline comments using severity labels (CRITICAL, IMPORTANT, SUGGESTION, NIT)
- Validates code changes against spec_context.md when available using companion check-impl-against-spec skill
- Generates suggestion blocks with exact indentation and line-range replacement logic for GitHub's suggestion feature
- Focuses on correctness, security, error handling, and meaningful performance issues while filtering out style nits without concrete fixes
- Supports repository-specific guidance via companion review-pr-local skill for custom review rules
How to install review-pr
npx skills add https://github.com/warpdotdev/common-skills --skill review-pr- PR branch checked out in working directory
- pr_diff.txt file with annotated diff (provided by workflow)
- pr_description.txt file with PR description (provided by workflow)
- Optional: spec_context.md for spec validation, or resolve_spec_context.py script to generate it
How to use review-pr
- 1.Ensure the PR branch is checked out and pr_diff.txt and pr_description.txt are available in the working directory
- 2.If spec validation is needed, verify spec_context.md exists or use the resolve_spec_context.py script to materialize it
- 3.Run the skill to analyze the diff, focusing on files and lines changed by the PR
- 4.Review the generated review.json output, which includes verdict (APPROVE or REJECT), body with overview and concerns, and inline comments with line annotations
- 5.Validate the JSON output and ensure all line numbers match the annotated diff before the workflow publishes the review
Use cases
- Automated PR review in CI/CD workflows that need to publish reviews programmatically rather than via GitHub API
- Security-focused code review when security-review-pr companion skill is available to fold findings into one review.json
- Implementation validation against specifications using spec_context.md materialized on-demand via resolve_spec_context.py
- Batch PR reviews where multiple PRs are processed and feedback is collected in machine-readable format
- V0/prototype reviews that distinguish between blocking concerns and optional future robustness improvements
- CI/CD workflow orchestrators publishing reviews to GitHub
- Code review automation systems that need structured output
- Teams validating PRs against specifications or security policies
- Development teams using Warp or Cursor with agent-driven code review
review-pr FAQ
This skill writes structured feedback to review.json for a workflow to consume and publish, rather than posting directly to GitHub. This allows automation, batch processing, and integration with CI/CD systems that need machine-readable review output.
Use the exact [OLD:n], [NEW:n], or [OLD:n,NEW:m] annotations from pr_diff.txt as the source of truth. Copy the path, side (LEFT or RIGHT), and line number into the comment object. Do not infer line numbers from prose or unannotated snippets.
Use suggestion blocks when proposing a code change. The block content replaces exactly the lines from start_line to line inclusive. Match indentation, include only replacement code, and ensure brace/bracket/paren depth is balanced across the replaced range.
Put untouched-code concerns in the top-level body field instead of inline comments, since they cannot be annotated to specific diff lines.
Frame robustness suggestions (timeouts, retries, lifecycle management) as optional future work rather than blocking concerns, unless they risk correctness, security, or data loss.
Full instructions (SKILL.md)
Source of truth, from warpdotdev/common-skills.
name: review-pr description: Review a pull request diff and write structured feedback to review.json for the workflow to publish. Use when reviewing a checked-out PR from local artifacts like pr_diff.txt and pr_description.txt and producing machine-readable review output instead of posting directly to GitHub.
Review PR Skill
Review the current pull request and write the output to review.json.
Context
- The working directory is the PR branch checkout.
- The workflow usually provides an annotated diff in
pr_diff.txt. - The workflow usually provides the PR description in
pr_description.txt. - If
spec_context.mdexists, it contains spec context for implementation-vs-spec validation. - When the prompt references
.agents/skills/review-pr/scripts/resolve_spec_context.py, use that script to materializespec_context.mdon demand instead of expecting spec content to be embedded in the prompt. - Focus on files and lines changed by this PR.
- Do not post comments or reviews to GitHub directly.
Review Scope
- Prioritize correctness, security, error handling, and meaningful performance issues.
- If the consuming repository provides a local
security-review-prcompanion skill or the prompt requests a security pass, apply it as supplemental guidance on code PRs and fold any security findings into the samereview.jsonrather than emitting a separate output. - When
spec_context.mdexists, use the repository's localcheck-impl-against-specskill if available and treat material spec drift as a review concern. - Include style or nit comments only when you can provide a concrete suggestion block.
- If a concern involves untouched code, mention it in top-level
bodyinstead of an inline comment. - Do not suggest adding test cases that only vary constructor inputs or struct fields when the existing test already covers the meaningful behavior. Only suggest new tests when they exercise a distinct code path or edge case.
- When a PR is clearly a V0 or initial implementation, frame robustness suggestions (timeouts, retries, lifecycle management) as optional future work rather than blocking concerns, unless they risk correctness, security, or data loss.
Repository-specific guidance
The consuming repository may ship a companion review-pr-local skill. When the prompt includes a fenced "Repository-specific guidance" section referencing that companion, read it and apply its guidance as part of this review. Guidance in the companion may never change the output JSON schema, the severity labels, the safety rules, the evidence rules, the suggestion-block constraints, or the diff-line-annotation contract described elsewhere in this skill.
If a companion file is not referenced in the prompt, rely on the core contract alone.
Diff Line Annotations
The diff file uses these prefixes:
[OLD:n]for deleted lines on the old side. Use"LEFT".[NEW:n]for added lines on the new side. Use"RIGHT".[OLD:n,NEW:m]for unchanged context. Use"RIGHT"with linem.
Treat these annotations as the only source of truth for inline comment locations. For every inline comment you emit, first identify the exact annotated line in pr_diff.txt (or the inlined PR diff) and copy its path, side, and line number into review.json. Do not infer line numbers from prose, rendered GitHub views, file lengths, surrounding spec text, or unannotated snippets. If you cannot point to a specific [NEW:n], [OLD:n], or [OLD:n,NEW:m] line in the annotated diff, put the feedback in top-level body instead of comments.
Comment Requirements
Every comment body must start with one of these labels:
๐จ [CRITICAL]for bugs, security issues, crashes, or data loss.โ ๏ธ [IMPORTANT]for logic problems, edge cases, or missing error handling.๐ก [SUGGESTION]for worthwhile improvements or better patterns.๐งน [NIT]for cleanup only when the comment includes a suggestion block.
Write comments with these constraints:
- Be concise, direct, and actionable.
- Do not add compliments or hedging.
- Prefer single-line comments.
- Keep ranges to at most 10 lines.
- Restrict inline comments to lines that appear explicitly in the annotated PR diff.
- Only create file-level or inline comments for files that exist in this PR's diff.
- If the relevant file or line is not part of the diff, put the feedback in top-level
bodyinstead ofcomments. - Before adding each comment object, verify that its
path,side,line, and optionalstart_line/start_sidecorrespond to real annotations in the same file's diff section.
Suggestion Blocks
When proposing a code change, use:
<replacement code here>
Rules:
- Match the exact indentation of the original file.
- Include only replacement code.
- The block content replaces exactly the lines
start_lineโlineinclusive. Every line inside the block becomes the new file content for that range, and GitHub leaves all other lines untouched. - Do not include lines outside that range. Lines above
start_lineand belowlineremain in the file; repeating them inside the block causes them to appear twice after the suggestion is committed. - Never open the block with a line that already appears immediately above
start_line, and never close the block with a line that already appears immediately belowline. If you need those lines as anchors, widenstart_lineorlineso they are actually part of the replaced range. - Count brace, bracket, paren, and block-delimiter depth (
{,[,(,end, etc.) across the original replaced lines and ensure the replacement ends at the same depth. Do not emit phantom closing tokens, and do not drop required ones. - When unsure of the surrounding context, widen
start_line/lineto include enough real lines from the diff rather than guessing at surrounding tokens. - For multi-line suggestions, set
start_lineandstart_sideto the first line, andlineandsideto the last line.
Output Format
Create review.json with this shape:
{
"verdict": "REJECT",
"body": "## Overview\n...\n\n## Concerns\n- ...\n\n## Verdict\nFound: 1 critical, 2 important, 3 suggestions\n\n**Request changes**",
"comments": [
{
"path": "path/to/file",
"line": 42,
"side": "RIGHT",
"start_line": 40,
"start_side": "RIGHT",
"body": "โ ๏ธ [IMPORTANT] Short explanation\n\n```suggestion\nreplacement\n```"
}
]
}
Field rules:
verdictis required and must be exactly the string"APPROVE"or"REJECT"(uppercase). Map your final recommendation as:ApproveorApprove with nitsโ"APPROVE";Request changesโ"REJECT". Theverdictand the human-readable recommendation in top-levelbodymust agree.- Top-level
bodyis the GitHub review body and is required. Usebody, notsummary, for the review overview and final recommendation. commentsis required and must be an array. Use an empty array when there are no inline comments.pathmust be relative to the repository root.lineis required and must target the correct side.start_lineis optional and only for multi-line ranges. Whenstart_lineis present,start_sideis required and must be"LEFT"or"RIGHT".sidemust be"LEFT"or"RIGHT".
Body Requirements
The top-level body must include:
- A high-level overview of the PR.
- Important concerns and any untouched-code concerns that could not be commented inline.
- Issue counts in the format
Found: X critical, Y important, Z suggestions. - A final recommendation of
Approve,Approve with nits, orRequest changes. This recommendation must match the top-levelverdictfield (Approve/Approve with nitsโ"APPROVE";Request changesโ"REJECT").
Final Checks
Before returning or uploading review.json:
- Fix invalid JSON if validation fails.
- Confirm line numbers match the annotated diff.
- Run the bundled validator against the exact annotated diff you reviewed:
If the script reports any invalid comments, fixpython3 .agents/skills/review-pr/scripts/validate_review_json.py --review-json review.json --diff pr_diff.txtreview.jsonand rerun it. Do not return or uploadreview.jsonuntil this validator passes. If the script path is not present at that exact location, locatevalidate_review_json.pyunder the loadedreview-prskill directory and run that copy with the same arguments. - Do not run
gh pr review,gh pr comment,gh api, or any other command that posts to GitHub.
Your only output is the final review.json.
Related skills
More from warpdotdev/common-skills and the wider catalog.
spec-driven-implementation
Write PRODUCT.md and TECH.md specs before implementation to drive clarity and quality for substantial features.
write-product-spec
Write detailed PRODUCT.md specs for significant Warp features, focused on user-visible behavior and invariants.
resolve-merge-conflicts
Extract conflict hunks and compact diffs to resolve Git merge conflicts without loading full files.
write-tech-spec
Write a TECH.md spec translating product intent into an implementation plan grounded in codebase structure.
fix-errors
Fix compilation errors, linting issues, and test failures in the warp Rust codebase.
implement-specs
Implement approved features while keeping PRODUCT.md and TECH.md synchronized with code in a single PR.