fix-review
Verify fix commits address audit findings without new bugs
Category: Development Tools
Install: download and extract the skill into your skills directory, or copy the following command and send it to OpenClaw to auto-install:
Download and install this skill https://openskills.cc/api/download?slug=sickn33-skills-fix-review&locale=en&source=copy
Fix Review - Code Fix Review Skill
Skill Overview
Fix Review is a specialized review skill for validating code-fix submissions. It checks that the issues identified by a security audit are fully resolved and that the fix introduces no new vulnerabilities or defects.
Use Cases
1. Repair Validation After a Security Audit
After a security audit finds vulnerabilities or security risks in code, the development team submits fixes. Fix Review reviews those fix submissions to verify that they address the original issue rather than patching only its symptom, for example by blocking the exact proof-of-concept input from the audit report while leaving the underlying flaw reachable through a variant.
2. Code Change Quality Assurance
After critical code changes, especially those involving security-related modifications, it is important to ensure the changes do not introduce new problems. Fix Review checks for side effects of the fixes, preventing new bugs from being created while resolving an issue.
3. Repair Completeness Verification
Verify whether the fix covers everything the audit identified: the root cause is addressed, the same flaw is found and fixed wherever else it occurs in the codebase, and tests cover the repaired scenario, so that the fix work is genuinely complete.
Core Capabilities
1. Fix Submission Analysis
Deeply analyze code submissions claiming to fix the audited findings. Compare the code state before and after the fix to understand the specific changes made. Verify whether the fix targets the root cause of the problem rather than merely patching symptoms.
2. Regression Issue Checks
Thoroughly check whether the fixed code may introduce new vulnerabilities or functional bugs. This includes analyzing the impact scope of the code changes, checking potential side effects, and verifying whether similar patterns contain the same issue.
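To make capabilities 1 and 2 concrete, here is an added example in Python. It is not the skill's own code and does not come from the skill author or from OpenClaw; it assumes a constructed audit finding: a path-traversal bug in a file-serving function, with "../secret.txt" as the reported proof of concept. The hypothetical functions serve_file_audited, serve_file_symptom_patch and serve_file_root_cause_fix stand in for the audited code and two candidate fixes; review_fix, fix_is_complete, find_variants and the CONSTRUCTED_CODEBASE snippet are all invented for this example. The review re-runs the audit PoC plus variant payloads against each candidate, checks that a legitimate request still works (regression), and scans a codebase snippet for sibling call sites that use the same unchecked pattern.

```python
"""Added fix-review harness for a constructed path-traversal finding:
re-run the audit PoC plus variants against each candidate fix, confirm a
legitimate request still works, and scan for the same pattern elsewhere."""
import ast
import tempfile
from pathlib import Path

def serve_file_audited(base: Path, user_path: str) -> bytes:
    # Audited code (constructed): untrusted input joined onto base, no containment check.
    return (base / user_path).read_bytes()

def serve_file_symptom_patch(base: Path, user_path: str) -> bytes:
    # Candidate A (constructed): strips the exact token the audit's PoC used, nothing more.
    return (base / user_path.replace("../", "")).read_bytes()

def serve_file_root_cause_fix(base: Path, user_path: str) -> bytes:
    # Candidate B (constructed): canonicalise (resolve() also follows symlinks), then
    # require the target to stay under base; absolute inputs fail the check as well.
    root = base.resolve()
    target = (root / user_path).resolve()
    try:
        target.relative_to(root)
    except ValueError:
        raise PermissionError(f"path escapes base dir: {user_path!r}") from None
    return target.read_bytes()

def review_fix(candidate, base: Path, secret: Path, probes: dict) -> dict:
    """Black-box check of one candidate. Verdict per probe: 'blocked', 'BYPASS', 'served'."""
    secret_bytes = secret.read_bytes()
    verdicts = {}
    for name, user_path in probes.items():
        try:
            data = candidate(base, user_path)
        except OSError:  # PermissionError raised by the fix, or FileNotFoundError
            verdicts[name] = "blocked"
            continue
        verdicts[name] = "BYPASS" if data == secret_bytes else "served"
    return verdicts

def fix_is_complete(verdicts: dict) -> bool:
    # Complete = no probe leaks the secret AND the legitimate request still works.
    return "BYPASS" not in verdicts.values() and verdicts.get("legit") == "served"

def run_review() -> dict:
    """Throwaway tree with a secret outside the served dir; returns
    {function name: verdicts} for the audited code and both candidates."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "public"
        base.mkdir()
        (base / "index.html").write_bytes(b"<h1>hello</h1>")
        secret = Path(tmp) / "secret.txt"
        secret.write_bytes(b"TOP SECRET")
        probes = {
            "legit": "index.html",          # functional regression check
            "audit_poc": "../secret.txt",   # payload from the audit report
            "doubled": "....//secret.txt",  # survives a single "../" strip
            "absolute": str(secret),        # contains no "../" at all
        }
        return {fn.__name__: review_fix(fn, base, secret, probes) for fn in
                (serve_file_audited, serve_file_symptom_patch, serve_file_root_cause_fix)}

class _UncheckedJoin(ast.NodeVisitor):
    """Variant scan heuristic: functions that compute `<expr> / <parameter>` and never call .resolve()."""
    def __init__(self):
        self.findings = []

    def visit_FunctionDef(self, node):
        params = {a.arg for a in node.args.args}
        joins = [n for n in ast.walk(node) if isinstance(n, ast.BinOp)
                 and isinstance(n.op, ast.Div) and isinstance(n.right, ast.Name)
                 and n.right.id in params]
        checks = [n for n in ast.walk(node)
                  if isinstance(n, ast.Attribute) and n.attr == "resolve"]
        if joins and not checks:
            self.findings.append(node.name)
        self.generic_visit(node)

def find_variants(source: str) -> list:
    visitor = _UncheckedJoin()
    visitor.visit(ast.parse(source))
    return visitor.findings

# Constructed codebase snippet: the audited site is fixed, two siblings are not.
CONSTRUCTED_CODEBASE = '''
from pathlib import Path
BASE = Path("/srv/app/public")
def serve_file(user_path):
    target = (BASE / user_path).resolve()
    target.relative_to(BASE)
    return target.read_bytes()
def load_template(name):
    return (BASE / "templates" / name).read_text()
def delete_upload(filename):
    (BASE / "uploads" / filename).unlink()
'''

if __name__ == "__main__":
    for fn_name, verdicts in run_review().items():
        print(f"{fn_name:28s} complete={fix_is_complete(verdicts)} {verdicts}")
    print("same pattern elsewhere:", find_variants(CONSTRUCTED_CODEBASE))
```

Running it shows the symptom patch as not complete: it blocks the audit's own "../secret.txt" but leaks the secret to the doubled-dot and absolute-path probes, which is the "patching symptoms" failure mode the review exists to catch. The root-cause fix blocks all three probes and still serves index.html, so it passes both the security and the regression check. The variant scan is a deliberately simple AST heuristic, not a proof; its job is to list sibling call sites (here load_template and delete_upload) that a reviewer must check by hand before calling the finding closed.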
3. Repair Completeness Verification
Ensure that all audit findings are properly handled, including:
Common Questions
How does Fix Review verify whether a code fix is effective?
Fix Review compares the fixed code with the original audited findings to analyze whether the root cause has been addressed. It checks whether the logic of the code changes is correct, whether tests cover the repaired scenarios, and whether the fix follows security best practices. It also checks whether similar unaddressed issues exist elsewhere in the codebase.
Why is a dedicated fix review needed—why isn’t a regular code review enough?
A regular code review mainly focuses on code quality and feature implementation. Fix Review focuses specifically on validating security-related fixes. Security fixes have special requirements: they require a deep understanding of the underlying principles of the original vulnerability, verification that the fix does not introduce new security issues, and checking whether similar code contains the same vulnerability. Fix Review provides this specialized review perspective.
How do you ensure the fix does not introduce new issues?
Fix Review uses a multi-layer validation approach: first analyze the impact scope of the changed code, then check for possible side effects, verify that tests cover both the repaired scenario and the behaviour that previously worked, and finally review whether similar patterns elsewhere in the codebase need the same fix. Together these steps substantially reduce the risk that a fix introduces new issues.