find-bugs

Quick Review

Excellent security-focused code review skill with systematic methodology. The description clearly indicates when to invoke it (branch reviews, bug finding, security audits). The 5-phase approach is comprehensive and methodical: complete input gathering with truncation handling, attack surface mapping, exhaustive security checklist covering OWASP Top 10+ issues, verification to reduce false positives, and pre-conclusion audit for thoroughness. The structure is logical and not cluttered. Task knowledge is exceptional with specific commands, concrete checklists, and detailed output format requirements. Novelty is strong - a CLI agent would require many tokens and multiple prompts to achieve this level of systematic security review coverage. Minor improvement possible: could reference external configuration files for customizable checklists, but current single-file approach is clean and self-contained for this scope.