Skills Guide

Preflight PR Check

VerifiedSafe

Pre-PR validation script to catch common issues in changed files. Checks TypeScript, React patterns, security, and code quality before pushing.

Sby Skills Guide Bot
DevelopmentIntermediate
206/2/2026
Claude CodeCursorWindsurfCopilotCodex
#preflight-check#code-review#static-analysis#best-practices#pr-preparation

Recommended for

Backend developerClaude CodeCode reviewCursorFrontend developerCopilot

Our review

Runs a series of automated checks on changed files before creating a pull request, covering TypeScript, React, security, performance, and code conventions.

Strengths

  • Covers a broad range of checks (TypeScript, React, security, performance, accessibility, etc.)
  • Operates only on changed files via git diff, making it fast
  • Produces a structured report with file:line references for easy fixes
  • Includes Next.js and Prisma specific checks

Limitations

  • Does not run test suites (vitest/playwright), assuming they will be run before push
  • Requires specific tools (make, pnpm) and may fail if environment is not set up
  • Rules are generic and may not apply to all projects (e.g., semicolons usage)
When to use it

Before creating a pull request to save time on minor review feedback and catch common issues early.

When not to use it

For trivial changes (e.g., typo fix) or if the project already has a comprehensive linting/CI tool covering these checks.

Security analysis

Safe
Quality score90/100

The skill runs standard development checks (git diff, type checking, pnpm audit) and provides a code review checklist. No destructive or exfiltration commands are used.

No concerns found

Examples

Run preflight on changes
Run the preflight check on changed files vs main and report any issues in a grouped markdown report.
Pre-PR code quality audit
Before I push this branch, do a preflight review of all changes since main using the rules in SKILL.md.
Quick pre-push check
Run a preflight check on my current changes and highlight only critical issues (security, TypeScript strict, dead code).

name: preflight description: Pre-PR check for common issues - run before pushing to catch problems early

Preflight

Run this before creating a PR to catch common issues in changed files.

Instructions

  1. Run git diff main --name-only to get list of changed files
  2. For each changed file, run the checks below
  3. Report issues with file:line references
  4. Group by category for readability

Checks

TypeScript Strict

  • [ ] No any types - find proper type or use unknown
  • [ ] No @ts-ignore or @ts-expect-error without explanation
  • [ ] Local interfaces use Props not ComponentNameProps
  • [ ] Type check passes (use make types if available, else pnpm tsc --noEmit)
# Check if 'types' target is available in make output
make 2>/dev/null | grep -q 'types' && make types || pnpm tsc --noEmit

React Patterns

  • [ ] 'use client' only where actually needed (hooks, browser APIs, event handlers)
  • [ ] Browser-only libs use dynamic(() => import(...), { ssr: false })
  • [ ] No console.log left in code (use proper logging or remove)

Route Structure

  • [ ] Routes have loading.tsx with skeleton
  • [ ] Routes have error.tsx with reset button
  • [ ] Page components are server components unless they need client features

Data Fetching

  • [ ] Prisma queries use select to specify fields (not bare findMany())
  • [ ] No N+1 patterns (queries inside loops)
  • [ ] tRPC routers return flat structures

Validation

  • [ ] Zod schemas in validations/ not inline in components

Environment Variables

  • [ ] No process.env.* outside constants/ directory
  • [ ] New env vars added to .env.example
  • [ ] NEXT_PUBLIC_ prefix only for client-safe values
  • [ ] Server-only secrets not accessed in client components

Imports

  • [ ] Use @/ path alias (no ../../../ climbs)
  • [ ] Barrel exports updated when adding new files

Dead Code

  • [ ] No unused imports
  • [ ] No unused variables or parameters
  • [ ] No unused functions or components
  • [ ] No commented-out code blocks (delete or restore)
  • [ ] No unreachable code after return/throw

Security

  • [ ] No hardcoded secrets or API keys
  • [ ] No dangerouslySetInnerHTML without sanitization
  • [ ] No raw SQL queries (use parameterized/Prisma)
  • [ ] No sensitive data in console.log or error messages
  • [ ] User input validated before use

Dependency Vulnerabilities

Quick audit check (not full analysis - use /audit for that):

pnpm audit 2>/dev/null | head -20
  • [ ] No critical/high vulnerabilities in direct dependencies
  • Transitive/dev-only vulnerabilities: note but don't block (run /audit for full analysis)

Git Hygiene

  • [ ] No merge conflict markers (<<<<<<<, =======, >>>>>>>)
  • [ ] No .only or .skip left in test files
  • [ ] No debugger statements
  • [ ] No .env.local or other local config committed
  • [ ] No large binary files that shouldn't be in git

Performance

  • [ ] Large objects/arrays use useMemo if recreated each render
  • [ ] Images have explicit width and height (prevents layout shift)
  • [ ] No synchronous heavy operations in render path
  • [ ] Lists over 100 items paginated or virtualized
  • [ ] No useEffect without dependency array

Styling

  • [ ] Theme-aware colors (text-muted-foreground) not hardcoded (text-gray-500)
  • [ ] Images use <Image> from next/image

Dates

  • [ ] Use formatInTimeZone from date-fns-tz, not format from date-fns
  • [ ] Display dates in facilityTimezone, store in UTC

Accessibility

  • [ ] Images have alt attributes
  • [ ] Interactive elements have proper aria-* attributes
  • [ ] Form inputs have associated labels

Code Style

  • [ ] No semicolons
  • [ ] Files end with single newline
  • [ ] Empty lines have no whitespace
  • [ ] No trailing whitespace

Output Format

## Preflight Report

> Note: Not running test suites (vitest/playwright) - assuming you've run them or will before pushing. CI is the backstop.

### TypeScript (2 issues)
- app/users/page.tsx:15 - `any` type used, consider `User[]`
- components/modal.tsx:8 - uses `UserModalProps` instead of `Props`

### Route Structure (1 issue)
- app/bookings/ - missing loading.tsx

### Imports (1 issue)
- lib/utils.ts:3 - relative import `../../components`, use `@/components`

### Passed
- React Patterns
- Data Fetching
- Validation
- Styling
- Dates
- Accessibility
- Code Style

Severity

Report issues but don't block. Developer decides what to fix. Some checks are style preferences, others are bugs waiting to happen.

Must fix: Security issues, merge conflict markers, hardcoded secrets, .only/.skip in tests Should fix: any types, missing error boundaries, N+1 queries, timezone bugs, unused code, performance issues Nice to fix: Naming conventions, import style, semicolons

Related skills

Next.js App Router Expert

Development

A skill that turns Claude into a Next.js App Router expert.

Claude CodeCursoradvanced
890
234
2,846
Admin

README Generator

Development

Creates professional and comprehensive README.md files for your projects.

claudeCursorWindsurfbeginner
259
72
821
Admin

API Documentation Writer

Development

Generates comprehensive API documentation in OpenAPI/Swagger format.

claudeCursorWindsurfintermediate
156
44
682
Admin