code-audit

Parallel 3-phase security/style/synthesis audit with cross-file pattern detection.

Workflow for analyze-codebase

Security and compatibility audit of dependency trees with CVE verification.

Finding code regressions and systemic patterns across large codebases in batch.

Feature promotion workflows where maturity gates and dependency checks are critical

Processing batches of items through concurrent, scoped review stages with per-item result collection.

Processing batches of items through concurrent, scoped review stages with per-item result collection.

When you need systematic code review for bugs, security, and quality improvements.

Keeping a custom Claude Code setup in sync with upstream platform updates, preventing drift and discovering new capabilities to adopt.

When shipping production-grade code requires discipline across architecture, testing, deployment, and security domains rather than isolated linting.

Systematic identification of bugs and refactoring opportunities in pull requests.

Catching gaps and codebase drift in a plan when stakes warrant independent verification beyond same-context red-teaming with clean-context subagent.

Catching language-specific bugs and design issues before commit by applying both project-local and generic review profiles to changed code.

Structured peer review of code changes before merge, catching bugs and style violations early

Comprehensive codebase audits where structural issues must be prioritized and mapped across modules.

Gate skill publication by enforcing consistent structure without manual 8-phase checklists

Finishing a phase when you want machine-assisted code quality review before merging, with control over depth vs time.

workflow automation in specialized problem domain; check artifact name and description.

Best for orchestrating parallel multi-phase work.

Publishing genomics workflows where 'we aligned with STAR' is too vague—lock down exact versions, genomes, parameters, and accessions for publication-ready methods.

Catching ecosystem mismatches before they reach production; complements automatic hook with external verification.

Automating code review workflows and branch management in Bitbucket when you're in a git-centric org using Atlassian stack

Running go/no-go pre-deployment checks in parallel with cost-optimized model routing (cheap + expensive gates).

Monthly per repo, before major releases, or when adding a significant new dependency. Surface critical security findings

Reviewing multi-agent system design for coupling, messaging patterns, and safety boundaries.

Pull-request review of Android code when Kotlin correctness, lifecycle safety, and SDK integration must be jointly assessed before merge.

Automated code quality gates in CI/CD to detect security vulnerabilities, bugs, and technical debt before code reaches production.

Quickly documenting codebases for AI context or team onboarding without manual summarization.

Discovering quality gaps across multiple architecture and compliance dimensions.

Orchestrating end-to-end ticket-to-PR cycles with parallel code review and automated fix loops.

Automating multi-phase task execution with agents.

Multi-perspective code review with adversarial voting and automated fix application.

fan-out parallel research with synthesized results

Automated code review with structured feedback loops.

Comprehensive codebase health check covering structure, dependencies, and quality before release.

Comprehensive review of codebase/content with structured audit findings.

Periodic project-wide audits, pre-release reviews, post-incident hardening passes.

Before merging, when you need a senior engineer review catching correctness bugs, security issues, and maintainability problems.

Multi-file refactors, full-stack features, or spec-driven work where parallel validation and retry beat sequential manual oversight.

Bootstrapping documentation for an unfamiliar codebase when you need structure before reading individual files.

Preventing production incidents by systematically auditing security, database, and code quality before deploy.

Post-implementation review to catch security issues, bugs, and code quality gaps before merge.

Identifying security vulnerabilities and compliance risks in code diffs before merge.

workflow automation in specialized problem domain; check artifact name and description.

Enforcing zero-defect standards on medium codebases where iterative polish beats single-pass review.

Identifying spend concentrations and antipatterns when your Claude bill is unexpectedly high.

Quick after-change validation in React projects when a fast score + actionable fixes matter more than deep architectural review.

When auditing Java code for race conditions, deadlocks, and thread safety.

Catching real bugs in code changes before PR merge, with proof and concrete fixes

After code implementation to document changes, verify tasks completed, and create reviewer checklists

When you need mandatory code review before commit, catching security, type hints, and architecture violations.

Code review just before commit/ship when you need advisory findings verified against real dependencies.

Regular codebase audits to catch health degradation before it blocks features.

When evaluating automated code review comments for correctness using full codebase context.

Auditing code for authorization, RLS, and authentication vulnerabilities before launch.

reviewing pull requests, analyzing code quality, identifying issues, generating review checklists.

Scanning codebases for dead code, tech debt, and vulnerabilities in a single command without manual code review

Thorough security checklist + bug audit when you need systematic attack-surface mapping before merge.

Automating the full developer→CR→ship cycle with structured gating and audit trail.

Detecting hidden reuse opportunities and efficiency bugs across changed code in one pass.

Onboarding or refactoring when you want a comprehensive structure survey without running code.

Full-pipeline code validation with automatic style and format fixes.

Pre-commit quality check when AI agents have contributed code

Auditing BehaviorTree.CPP nodes for non-blocking ticks and correct base-class choice.

When you need multi-level code review before merging high-risk changes.

When auditing source code in CI/CD or pre-release security review.

When you need to prioritize refactoring and identify hot spots in a large codebase

Identify linting rule gaps and tool suppression abuse in legacy projects without modifying code.

Parallel auditing of unfamiliar legacy code when multiple specialists are needed.

Universal PR quality checks when no role-specific reviewer exists.

Addressing test failures and reviewer feedback systematically with detailed GitHub updates.

Building production codebase-audit applications with best practices.

Automated code review with structured feedback loops.

Automated code review with structured feedback loops.

Fast codebase orientation using large-context language model analysis.

Auditing code for authorization, RLS, and authentication vulnerabilities before launch.

Onboarding to unfamiliar codebases or assessing code health before major refactors

Enforcing project-specific code standards across all PR changes.

onboarding a legacy codebase, planning a refactor, or auditing embedded dependencies across C++, Android,

Run automated health checks and linting rules against codebase without manual review.

Systematically triaging project tasks and surfacing critical path blockers.

reviewing pull requests for production readiness

When evaluating code clarity and idioms before merging pull requests.

Creating GitHub PRs with required templates, security reviews, and conventional commit standards.

Providing subagent-level automation for code review part 4 three state verification phase tasks.

Auditing code for authorization, RLS, and authentication vulnerabilities before launch.

When reviewing prs or checking code quality.

Auditing codebases when you need whole-repo cross-slice analysis (orphans, duplication, dead code, architecture drift, HARD-RULE compliance).

Developers who want structured, evidence-based feedback on their work growth without waiting for code reviews, using their actual recent project history as the signal.

Continuous integration pipelines auditing code quality and security across teams.

Quick snapshot of progress across parallel Claude Code sessions before switching contexts.

Code review and PR workflows on Bitbucket Cloud or Server.