⚠️

重要前提

安装AI Skills的关键前提是：必须科学上网，且开启TUN模式，这一点至关重要，直接决定安装能否顺利完成，在此郑重提醒三遍：科学上网，科学上网，科学上网。查看完整安装教程 →

GitNexus PR 审查指南：自动化代码审查、影响分析与风险评估

gitnexus-pr-review by abhigyanpatwari/gitnexus

63 周安装量

19,300 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/abhigyanpatwari/gitnexus --skill gitnexus-pr-review

开发代码质量开发运维

🇨🇳中文介绍

使用 GitNexus 进行 PR 审查

使用时机

"审查这个 PR"
"PR #42 改变了什么？"
"这个 PR 可以安全合并吗？"
"这个 PR 的影响范围有多大？"
"这个 PR 缺少测试吗？"
在合并前审查他人的代码变更

工作流程

1. gh pr diff <number>                                    → 获取原始差异
2. gitnexus_detect_changes({scope: "compare", base_ref: "main"})  → 将差异映射到受影响的流程
3. 对于每个变更的符号：
   gitnexus_impact({target: "<symbol>", direction: "upstream"})    → 每个变更的影响范围
4. gitnexus_context({name: "<key symbol>"})               → 理解调用者/被调用者
5. READ gitnexus://repo/{name}/processes                   → 检查受影响的执行流程
6. 总结发现并进行风险评估

如果出现"索引已过时" → 在审查前在终端运行 npx gitnexus analyze。

检查清单

- [ ] 获取 PR 差异 (gh pr diff 或 git diff base...head)
- [ ] 使用 gitnexus_detect_changes 将变更映射到受影响的执行流程
- [ ] 对每个非平凡的变更符号使用 gitnexus_impact
- [ ] 审查 d=1 的项目（将会破坏）— 调用者是否已更新？
- [ ] 对关键变更符号使用 gitnexus_context 以理解完整情况
- [ ] 检查受影响的流程是否有测试覆盖
- [ ] 评估总体风险等级
- [ ] 撰写包含发现的审查总结

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

相关 Skills

find-skills 技能搜索工具 - Vercel Labs 开源智能体技能包管理器

949,000 周安装

Vercel React 最佳实践指南 | 58条Next.js性能优化规则与代码重构

298,500 周安装

Vercel Web界面规范检查工具 - 自动检测代码是否符合Web设计指南

240,000 周安装

agent-browser 浏览器自动化工具 - Vercel Labs 命令行网页操作与测试

169,700 周安装

维度	GitNexus 如何提供帮助
正确性	`context` 显示调用者 — 它们是否都与变更兼容？
影响范围	`impact` 显示 d=1/d=2/d=3 的依赖项 — 是否有遗漏？
完整性	`detect_changes` 显示所有受影响的流程 — 它们是否都得到了处理？
测试覆盖率	`impact({includeTests: true})` 显示哪些测试触及了变更的代码
破坏性变更	未在 PR 中更新的 d=1 上游项目 = 潜在的破坏

信号	风险
变更触及 <3 个符号，0-1 个流程	低
变更触及 3-10 个符号，2-5 个流程	中
变更触及 >10 个符号或多个流程	高
变更触及认证、支付或数据完整性代码	关键
PR 差异之外存在 d=1 的调用者	潜在的破坏 — 标记它

gitnexus_detect_changes — 将 PR 差异映射到受影响的执行流程：

gitnexus_detect_changes({scope: "compare", base_ref: "main"})

→ 变更：4 个文件中的 8 个符号
→ 受影响的流程：CheckoutFlow, RefundFlow, WebhookHandler
→ 风险：中

gitnexus_impact — 每个变更符号的影响范围：

gitnexus_impact({target: "validatePayment", direction: "upstream"})

→ d=1 (将会破坏)：
  - processCheckout (src/checkout.ts:42) [CALLS, 100%]
  - webhookHandler (src/webhooks.ts:15) [CALLS, 100%]

→ d=2 (可能受影响)：
  - checkoutRouter (src/routes/checkout.ts:22) [CALLS, 95%]

gitnexus_impact with tests — 检查测试覆盖率：

gitnexus_impact({target: "validatePayment", direction: "upstream", includeTests: true})

→ 覆盖此符号的测试：
  - validatePayment.test.ts [直接]
  - checkout.integration.test.ts [通过 processCheckout]

gitnexus_context — 理解变更符号的角色：

gitnexus_context({name: "validatePayment"})

→ 传入调用：processCheckout, webhookHandler
→ 传出调用：verifyCard, fetchRates
→ 流程：CheckoutFlow (步骤 3/7), RefundFlow (步骤 1/5)

示例："审查 PR #42"

1. gh pr diff 42 > /tmp/pr42.diff
   → 4 个文件变更：payments.ts, checkout.ts, types.ts, utils.ts

2. gitnexus_detect_changes({scope: "compare", base_ref: "main"})
   → 变更的符号：validatePayment, PaymentInput, formatAmount
   → 受影响的流程：CheckoutFlow, RefundFlow
   → 风险：中

3. gitnexus_impact({target: "validatePayment", direction: "upstream"})
   → d=1: processCheckout, webhookHandler (将会破坏)
   → webhookHandler 不在 PR 差异中 — 潜在的破坏！

4. gitnexus_impact({target: "PaymentInput", direction: "upstream"})
   → d=1: validatePayment (在 PR 中), createPayment (不在 PR 中)
   → createPayment 使用了旧的 PaymentInput 结构 — 破坏性变更！

5. gitnexus_context({name: "formatAmount"})
   → 被 12 个函数调用 — 但变更是向后兼容的（添加了可选参数）

6. 审查总结：
   - 中风险 — 3 个变更的符号影响了 2 个执行流程
   - BUG: webhookHandler 调用了 validatePayment 但未针对新签名进行更新
   - BUG: createPayment 依赖的 PaymentInput 类型已变更
   - OK: formatAmount 变更是向后兼容的
   - 测试：checkout.test.ts 覆盖了 processCheckout 路径，但没有 webhook 测试

将您的审查结构化为：

## PR 审查：<标题>

**风险：低 / 中 / 高 / 关键**

### 变更摘要
- <N> 个符号在 <M> 个文件中变更
- <P> 个执行流程受影响

### 发现
1. **[严重程度]** 发现描述
   - 来自 GitNexus 工具的证据
   - 受影响的调用者/流程

### 缺失的覆盖
- PR 中未更新的调用者：...
- 未测试的流程：...

### 建议
批准 / 请求变更 / 需要讨论

🇺🇸English

PR Review with GitNexus

When to Use

"Review this PR"
"What does PR #42 change?"
"Is this safe to merge?"
"What's the blast radius of this PR?"
"Are there missing tests for this PR?"
Reviewing someone else's code changes before merge

Workflow

1. gh pr diff <number>                                    → Get the raw diff
2. gitnexus_detect_changes({scope: "compare", base_ref: "main"})  → Map diff to affected flows
3. For each changed symbol:
   gitnexus_impact({target: "<symbol>", direction: "upstream"})    → Blast radius per change
4. gitnexus_context({name: "<key symbol>"})               → Understand callers/callees
5. READ gitnexus://repo/{name}/processes                   → Check affected execution flows
6. Summarize findings with risk assessment

If "Index is stale" → run npx gitnexus analyze in terminal before reviewing.

Checklist

- [ ] Fetch PR diff (gh pr diff or git diff base...head)
- [ ] gitnexus_detect_changes to map changes to affected execution flows
- [ ] gitnexus_impact on each non-trivial changed symbol
- [ ] Review d=1 items (WILL BREAK) — are callers updated?
- [ ] gitnexus_context on key changed symbols to understand full picture
- [ ] Check if affected processes have test coverage
- [ ] Assess overall risk level
- [ ] Write review summary with findings

Review Dimensions

Dimension	How GitNexus Helps
Correctness	`context` shows callers — are they all compatible with the change?
Blast radius	`impact` shows d=1/d=2/d=3 dependents — anything missed?
Completeness	`detect_changes` shows all affected flows — are they all handled?
Test coverage	`impact({includeTests: true})` shows which tests touch changed code
Breaking changes	d=1 upstream items that aren't updated in the PR = potential breakage

Risk Assessment

Signal	Risk
Changes touch <3 symbols, 0-1 processes	LOW
Changes touch 3-10 symbols, 2-5 processes	MEDIUM
Changes touch >10 symbols or many processes	HIGH
Changes touch auth, payments, or data integrity code	CRITICAL
d=1 callers exist outside the PR diff	Potential breakage — flag it

Tools

gitnexus_detect_changes — map PR diff to affected execution flows:

gitnexus_detect_changes({scope: "compare", base_ref: "main"})

→ Changed: 8 symbols in 4 files
→ Affected processes: CheckoutFlow, RefundFlow, WebhookHandler
→ Risk: MEDIUM

gitnexus_impact — blast radius per changed symbol:

gitnexus_impact({target: "validatePayment", direction: "upstream"})

→ d=1 (WILL BREAK):
  - processCheckout (src/checkout.ts:42) [CALLS, 100%]
  - webhookHandler (src/webhooks.ts:15) [CALLS, 100%]

→ d=2 (LIKELY AFFECTED):
  - checkoutRouter (src/routes/checkout.ts:22) [CALLS, 95%]

gitnexus_impact with tests — check test coverage:

gitnexus_impact({target: "validatePayment", direction: "upstream", includeTests: true})

→ Tests that cover this symbol:
  - validatePayment.test.ts [direct]
  - checkout.integration.test.ts [via processCheckout]

gitnexus_context — understand a changed symbol's role:

gitnexus_context({name: "validatePayment"})

→ Incoming calls: processCheckout, webhookHandler
→ Outgoing calls: verifyCard, fetchRates
→ Processes: CheckoutFlow (step 3/7), RefundFlow (step 1/5)

Example: "Review PR #42"

1. gh pr diff 42 > /tmp/pr42.diff
   → 4 files changed: payments.ts, checkout.ts, types.ts, utils.ts

2. gitnexus_detect_changes({scope: "compare", base_ref: "main"})
   → Changed symbols: validatePayment, PaymentInput, formatAmount
   → Affected processes: CheckoutFlow, RefundFlow
   → Risk: MEDIUM

3. gitnexus_impact({target: "validatePayment", direction: "upstream"})
   → d=1: processCheckout, webhookHandler (WILL BREAK)
   → webhookHandler is NOT in the PR diff — potential breakage!

4. gitnexus_impact({target: "PaymentInput", direction: "upstream"})
   → d=1: validatePayment (in PR), createPayment (NOT in PR)
   → createPayment uses the old PaymentInput shape — breaking change!

5. gitnexus_context({name: "formatAmount"})
   → Called by 12 functions — but change is backwards-compatible (added optional param)

6. Review summary:
   - MEDIUM risk — 3 changed symbols affect 2 execution flows
   - BUG: webhookHandler calls validatePayment but isn't updated for new signature
   - BUG: createPayment depends on PaymentInput type which changed
   - OK: formatAmount change is backwards-compatible
   - Tests: checkout.test.ts covers processCheckout path, but no webhook test

Review Output Format

Structure your review as:

## PR Review: <title>

**Risk: LOW / MEDIUM / HIGH / CRITICAL**

### Changes Summary
- <N> symbols changed across <M> files
- <P> execution flows affected

### Findings
1. **[severity]** Description of finding
   - Evidence from GitNexus tools
   - Affected callers/flows

### Missing Coverage
- Callers not updated in PR: ...
- Untested flows: ...

### Recommendation
APPROVE / REQUEST CHANGES / NEEDS DISCUSSION

Weekly Installs

Repository

abhigyanpatwari/gitnexus

GitHub Stars

11.6K

First Seen

9 days ago

Security Audits

Gen Agent Trust HubPass SocketWarn SnykWarn

Installed on

opencode16

claude-code16

github-copilot16

codex16

kimi-cli16

gemini-cli16

Azure Data Explorer (Kusto) 查询技能：KQL数据分析、日志遥测与时间序列处理

152,400 周安装