Non-negotiable rules:

1. Read the full branch diff before reporting findings.
2. Verify each finding against surrounding code and framework behavior.
3. Report only real defects or vulnerabilities, not stylistic opinions.
4. Keep the workflow read-only. Do not edit application code as part of this skill.
5. Use the checklist reference to stay systematic, but do not paste the entire checklist into every invocation.

Find Bugs

Inputs

• $request: Optional review guidance such as focus area, threat model, or subsystem hint

Goal