pr-triage
Facilitates the triage of open pull requests by assessing their status and managing workflow to streamline the merging process.
Install this skill
Security score
The pr-triage skill was audited on May 13, 2026 and we found 26 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 43 | `pr-review-session view` and `next` automatically check out the PR's branch into a per-repo triage worktree at `${XDG_CACHE_HOME:-~/.cache}/pr-triage-worktrees/<owner>-<repo>`. The summary prints `Wor |
Template literal with variable interpolation in command context
| 306 | `pr-review-session view`/`next` automatically checks out the PR into a per-repo triage worktree at `${XDG_CACHE_HOME:-~/.cache}/pr-triage-worktrees/<owner>-<repo>` and prints the path as `Worktree: <p |
Access to hidden dotfiles in home directory
| 24 | **Always use the `pr-review-session` helper script** for managing PR triage sessions. The script is located at `~/.claude/skills/pr-triage/pr-review-session`. It tracks which PRs have been reviewed, m |
Access to hidden dotfiles in home directory
| 43 | `pr-review-session view` and `next` automatically check out the PR's branch into a per-repo triage worktree at `${XDG_CACHE_HOME:-~/.cache}/pr-triage-worktrees/<owner>-<repo>`. The summary prints `Wor |
Access to hidden dotfiles in home directory
| 60 | 1. `mkdir -p ~/.playwright-auth` |
Access to hidden dotfiles in home directory
| 63 | 4. `playwright-cli state-save ~/.playwright-auth/github.json -s=github-auth` |
Access to hidden dotfiles in home directory
| 65 | The triage script loads `~/.playwright-auth/github.json` into each new `pr-triage-*` session the first time that session is created. If the file is missing, the PR page may show GitHub’s sign-in UI un |
Access to hidden dotfiles in home directory
| 67 | - **Overrides:** `PR_REVIEW_NO_PLAYWRIGHT=1` forces the legacy Firefox new-tab behavior. `PLAYWRIGHT_CLI` sets the path to `playwright-cli` (default `~/.local/bin/playwright-cli`, then `PATH`). |
Access to hidden dotfiles in home directory
| 84 | ~/.claude/skills/pr-triage/pr-review-session reset |
Access to hidden dotfiles in home directory
| 94 | ~/.claude/skills/pr-triage/pr-review-session list |
Access to hidden dotfiles in home directory
| 97 | If no unreviewed PRs, inform the user. They can run `~/.claude/skills/pr-triage/pr-review-session reset` to clear the session and start fresh, or stop. |
Access to hidden dotfiles in home directory
| 102 | ~/.claude/skills/pr-triage/pr-review-session status |
Access to hidden dotfiles in home directory
| 107 | - **Next unreviewed in order**: `~/.claude/skills/pr-triage/pr-review-session next` — marks the current PR as reviewed and shows the next unreviewed. When every actionable PR has been reviewed in the |
Access to hidden dotfiles in home directory
| 108 | - **Specific PR by number**: `~/.claude/skills/pr-triage/pr-review-session view <number>` — shows that PR and sets it as current for the next `next`. |
Access to hidden dotfiles in home directory
| 109 | - **Current branch's PR**: `~/.claude/skills/pr-triage/pr-review-session view` (no number). |
Access to hidden dotfiles in home directory
| 110 | - **Open in browser**: `~/.claude/skills/pr-triage/pr-review-session view <number> --web` |
Access to hidden dotfiles in home directory
| 119 | ~/.claude/skills/pr-triage/pr-review-session view <number> |
Access to hidden dotfiles in home directory
| 158 | ~/.claude/skills/pr-triage/cr-needs-review <number> |
Access to hidden dotfiles in home directory
| 267 | Or run `~/.claude/skills/pr-triage/pr-review-session view <number>` again to open the current PR in that session. |
Access to hidden dotfiles in home directory
| 274 | 2. Run: `~/.claude/skills/pr-triage/pr-review-session snooze <number> <duration>` |
Access to hidden dotfiles in home directory
| 281 | - **Move to next unreviewed**: `~/.claude/skills/pr-triage/pr-review-session next` — marks current PR as reviewed and shows the next. When every actionable PR has been reviewed in the current round, t |
Access to hidden dotfiles in home directory
| 282 | - **Jump to another PR**: `~/.claude/skills/pr-triage/pr-review-session view <number>` |
Access to hidden dotfiles in home directory
| 283 | - **Reset session**: `~/.claude/skills/pr-triage/pr-review-session reset` — clears session state for this repo. |
Access to hidden dotfiles in home directory
| 284 | - Otherwise, return to PR assessment or `~/.claude/skills/pr-triage/pr-review-session list` based on context. |
Access to hidden dotfiles in home directory
| 306 | `pr-review-session view`/`next` automatically checks out the PR into a per-repo triage worktree at `${XDG_CACHE_HOME:-~/.cache}/pr-triage-worktrees/<owner>-<repo>` and prints the path as `Worktree: <p |
Access to hidden dotfiles in home directory
| 332 | All `pr-review-session` and `cr-needs-review` commands should be prefixed with the full path: `~/.claude/skills/pr-triage/` |