Назад към всички

shell-review

// Audit shell scripts for correctness, portability, and common pitfalls. Use when reviewing shell scripts, CI scripts, hook scripts, wrapper scripts. Do not use when creating new scripts - use attune:workflow-setup.

$ git log --oneline --stat
stars:201
forks:38
updated:March 4, 2026
SKILL.mdreadonly
SKILL.md Frontmatter
nameshell-review
descriptionAudit shell scripts for correctness, portability, and common pitfalls.
version1.7.1
globs**/*.sh
alwaysApplyfalse Use when reviewing shell scripts, CI scripts, hook scripts, wrapper scripts. Do not use when creating new scripts - use attune:workflow-setup.
categorybuild
tagsshell,bash,posix,scripting,ci,hooks
toolsRead,Grep,Bash
complexityintermediate
model_hintstandard
estimated_tokens200
progressive_loadingtrue
dependenciespensive:shared,imbue:proof-of-work
modulesexit-codes,portability,safety-patterns

Table of Contents

Shell Script Review

Audit shell scripts for correctness, safety, and portability.

Verification

After review, run shellcheck <script> to verify fixes address identified issues.

Testing

Run pytest plugins/pensive/tests/skills/test_shell_review.py -v to validate review patterns.

Quick Start

/shell-review path/to/script.sh

When To Use

  • CI/CD pipeline scripts
  • Git hook scripts
  • Wrapper scripts (run-*.sh)
  • Build automation scripts
  • Pre-commit hook implementations

When NOT To Use

  • Non-shell scripts (Python, JS, etc.)
  • One-liner commands that don't need review

Required TodoWrite Items

  1. shell-review:context-mapped
  2. shell-review:exit-codes-checked
  3. shell-review:portability-checked
  4. shell-review:safety-patterns-verified
  5. shell-review:evidence-logged

Workflow

Step 1: Map Context (shell-review:context-mapped)

Identify shell scripts:

# Find shell scripts
find . -not -path "*/.venv/*" -not -path "*/__pycache__/*" \
  -not -path "*/node_modules/*" -not -path "*/.git/*" \
  -name "*.sh" -type f | head -20
# Check shebangs
grep -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10

Document:

  • Script purpose and trigger context
  • Integration points (make, pre-commit, CI)
  • Expected inputs and outputs

Step 2: Exit Code Audit (shell-review:exit-codes-checked)

@include modules/exit-codes.md

Step 3: Portability Check (shell-review:portability-checked)

@include modules/portability.md

Step 4: Safety Patterns (shell-review:safety-patterns-verified)

@include modules/safety-patterns.md

Step 5: Evidence Log (shell-review:evidence-logged)

Use imbue:proof-of-work to record findings with file:line references.

Summarize:

  • Critical issues (failures masked, security risks)
  • Major issues (portability, maintainability)
  • Minor issues (style, documentation)

Output Format

## Summary
Shell script review findings

## Scripts Reviewed
- [list with line counts]

## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately

## Portability Issues
[cross-platform concerns]

## Safety Issues
[unquoted variables, missing set flags]

## Recommendation
Approve / Approve with actions / Block

Exit Criteria

  • Exit code propagation verified
  • Portability issues documented
  • Safety patterns checked
  • Evidence logged