/laravel-agent:review:staged
Review staged changes before commit
Overview
The /review:staged command performs a quick, focused review of staged changes before committing. It runs security and quality checks only on changed code, making it ideal for pre-commit hooks and CI integration.
Usage
/laravel-agent:review:staged [--fail-on=level]
Examples
# Review staged changes with default settings
/laravel-agent:review:staged
# Fail only on critical issues
/laravel-agent:review:staged --fail-on=critical
# Fail on warnings and above
/laravel-agent:review:staged --fail-on=warning
Review Process
The command performs a systematic review in the following steps:
1. Get Staged Changes
First, it identifies all staged PHP and Blade files:
# List staged files
git diff --cached --name-only | grep -E '\.(php|blade\.php)$'
# Get staged diff
git diff --cached
2. Quick Security Scan
Focuses on high-confidence security issues that commonly appear in Laravel code:
| Issue | Confidence | Pattern |
|---|---|---|
| SQL Injection | 95% | DB::raw()*$, whereRaw()*$, selectRaw()*$ |
| XSS | 95% | {!! *$ !!} |
| Mass Assignment | 90% | ->create($request->all()), ->fill($request->all()) |
| Hardcoded Secrets | 95% | '(password|secret|key|token)' => 'value' |
3. Quick Quality Scan
Checks for common code quality issues:
- Long methods - Methods exceeding recommended line counts (85% confidence)
- Debug statements - Left-in debugging code like dd(), dump(), var_dump(), print_r() (95% confidence)
Example Output
The command generates a comprehensive review report:
## Pre-Commit Review
### Staged Files
- app/Http/Controllers/UserController.php (+45, -12)
- app/Services/OrderService.php (+23, -5)
### Issues Found
| Severity | Issue | File | Line |
|----------|-------|------|------|
| Critical | Debug statement (dd) | OrderService.php | 45 |
| Warning | Long method (35 lines) | UserController.php | 23 |
### Verdict
[ ] **PASS** - Safe to commit
[x] **FAIL** - Fix issues before committing
Exit Codes
For CI/Hook integration, the command uses standard exit codes:
- 0 - No issues or only suggestions
- 1 - Warnings found (if --fail-on=warning)
- 2 - Critical issues found
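An added example, not laravel-agent's own code: a minimal Python sketch of the flow described above, matching rules only against the added lines of a staged diff and mapping the findings to the exit codes listed here. The regexes, severity assignments, function names and sample diff are assumptions constructed for illustration, and only the critical and warning levels are modeled.

```python
import re

# Assumed regexes approximating the pattern table above; severities are assumptions too.
RULES = [
    ("critical", "SQL injection", re.compile(r"(DB::raw|whereRaw|selectRaw)\s*\(.*\$")),
    ("critical", "XSS", re.compile(r"\{!!.*\$.*!!\}")),
    ("critical", "Mass assignment", re.compile(r"->(create|fill)\(\s*\$request->all\(\)")),
    ("critical", "Hardcoded secret", re.compile(r"""['"](password|secret|key|token)['"]\s*=>\s*['"][^'"]+['"]""")),
    ("critical", "Debug statement", re.compile(r"\b(dd|dump|var_dump|print_r)\s*\(")),
]
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample of `git diff --cached` output (not taken from a real repository).
SAMPLE_DIFF = """\
--- a/app/Services/OrderService.php
+++ b/app/Services/OrderService.php
@@ -43,4 +43,5 @@ class OrderService
     public function total($order)
     {
-        return $order->sum;
+        dd($order);
+        return DB::select(DB::raw("SELECT * FROM orders WHERE id = $id"));
     }
"""

def scan_diff(diff_text):
    """Return (severity, issue, file, new-file line) for every rule hit on an added line."""
    findings, path, lineno = [], "", 0
    for raw in diff_text.splitlines():
        m = HUNK.match(raw)
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")      # file the following hunks belong to
        elif m:
            lineno = int(m.group(1))               # first new-file line of this hunk
        elif path and not raw.startswith(("-", "\\")):  # removed lines do not advance numbering
            if raw.startswith("+") and path.endswith(".php"):  # covers .blade.php as well
                findings += [(sev, issue, path, lineno) for sev, issue, rx in RULES if rx.search(raw[1:])]
            lineno += 1
    return findings

def exit_code(findings, fail_on="critical"):
    """Exit codes as documented above: 2 critical, 1 warning with --fail-on=warning, else 0."""
    severities = {f[0] for f in findings}
    if "critical" in severities:
        return 2
    return 1 if "warning" in severities and fail_on == "warning" else 0
```

Because only `+` lines are matched, a `dd()` that a commit removes is not reported, and line numbers refer to the file as it will exist after the commit.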
Git Hook Integration
Use this command in a pre-commit hook to automatically review changes before every commit:
#!/bin/bash
# .git/hooks/pre-commit
claude /review:staged --fail-on=critical
exit $?
Options
- --fail-on=level - Set the failure threshold:
  - critical - Only fail on critical security issues (default)
  - warning - Fail on warnings and critical issues
  - suggestion - Fail on any findings
Best Practices
- Run before every commit - Integrate into your pre-commit hook for automatic checks
- Use appropriate fail levels - Start with --fail-on=critical and tighten as team matures
- Review findings carefully - High confidence doesn't mean 100% accuracy; verify each issue
- Fix before committing - Don't commit code with known security issues
- Combine with other tools - Use alongside linters and static analysis tools for comprehensive coverage
See Also
- /laravel-agent:review:code - Comprehensive codebase review
- /laravel-agent:security:check - Deep security audit
- /laravel-agent:test:make - Generate tests for changes