Skip to main content
AI/MLathola

shell-review

Audits shell scripts for correctness, portability, and common pitfalls. Use when reviewing shell scripts or before committing shell changes.

Stars
294
Source
athola/claude-night-market
Updated
2026-05-30
Slug
athola--claude-night-market--shell-review
View on GitHubRaw SKILL.md

// install — copy + paste into any project

mkdir -p .claude/skills && curl -fsSL https://raw.githubusercontent.com/athola/claude-night-market/HEAD/plugins/pensive/skills/shell-review/SKILL.md -o .claude/skills/shell-review.md

Drops the SKILL.md into .claude/skills/shell-review.md. Works with Claude Code, Cursor, and any agent that loads SKILL.md files from .claude/skills/.

Table of Contents

Shell Script Review

Audit shell scripts for correctness, safety, and portability.

Verification

After review, run shellcheck <script> to verify fixes address identified issues.

Testing

Run pytest plugins/pensive/tests/skills/test_shell_review.py -v to validate review patterns.

Quick Start

/shell-review path/to/script.sh

When To Use

  • CI/CD pipeline scripts
  • Git hook scripts
  • Wrapper scripts (run-*.sh)
  • Build automation scripts
  • Pre-commit hook implementations

When NOT To Use

  • Non-shell scripts (Python, JS, etc.)
  • One-liner commands that don't need review

Required TodoWrite Items

  1. shell-review:context-mapped
  2. shell-review:exit-codes-checked
  3. shell-review:portability-checked
  4. shell-review:safety-patterns-verified
  5. shell-review:structure-checked
  6. shell-review:evidence-logged

Workflow

Step 1: Map Context (shell-review:context-mapped)

Identify shell scripts:

# Find shell scripts
find . -not -path "*/.venv/*" -not -path "*/__pycache__/*" \
  -not -path "*/node_modules/*" -not -path "*/.git/*" \
  -name "*.sh" -type f | head -20
# Check shebangs
rg -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
# fallback: grep -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10

Document:

  • Script purpose and trigger context
  • Integration points (make, pre-commit, CI)
  • Expected inputs and outputs

Step 2: Exit Code Audit (shell-review:exit-codes-checked)

@include modules/exit-codes.md

Step 3: Portability Check (shell-review:portability-checked)

@include modules/portability.md

Step 4: Safety Patterns (shell-review:safety-patterns-verified)

@include modules/safety-patterns.md

Step 5: Structure Patterns (shell-review:structure-checked)

@include modules/structure-patterns.md

Step 6: Evidence Log (shell-review:evidence-logged)

Use imbue:proof-of-work to record findings with file:line references.

Summarize:

  • Critical issues (failures masked, security risks)
  • Major issues (portability, maintainability)
  • Minor issues (style, documentation)

Output Format

## Summary
Shell script review findings

## Scripts Reviewed
- [list with line counts]

## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately

## Portability Issues
[cross-platform concerns]

## Safety Issues
[unquoted variables, missing set flags]

## Recommendation
Approve / Approve with actions / Block

Exit Criteria

  • Exit code propagation verified (pipelines checked for pipefail or capture-and-check)
  • Portability issues documented (Bash-isms in #!/bin/sh scripts flagged)
  • Safety patterns verified (no echo, braced vars, :? expansion, cd in subshells, no basename/dirname)
  • Structure patterns verified (library/executable distinction, main call, preamble, depcheck, shfmt formatting)
  • Evidence logged with file:line references via imbue:proof-of-work