Add review-sui-contracts skill#12
Merged
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new review-sui-contracts skill that guides AI-assisted review of Sui Move integrations with OpenZeppelin Contracts for Sui, emphasizing methodology-first “reference discovery” (from the integrator’s pinned Move.lock deps) and enforcing OZ Sui code-quality conventions. Also surfaces the new skill in the repository’s main README skill list.
Changes:
- Added
skills/review-sui-contracts/SKILL.mddefining the review scope, reference-discovery workflow, review checklist, and output format. - Updated
README.mdto includereview-sui-contractsin the “Available Skills” table.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| skills/review-sui-contracts/SKILL.md | Introduces the new skill documentation and review methodology for OZ Contracts for Sui integrations |
| README.md | Adds the new skill to the top-level list of available skills |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
0xNeshi
approved these changes
Jul 8, 2026
ericglau
approved these changes
Jul 14, 2026
bidzyyys
force-pushed
the
feat/develop-secure-sui
branch
from
July 15, 2026 09:47
8c42f12 to
2641623
Compare
New skill for AI-assisted review of Sui Move code that integrates OpenZeppelin Contracts for Sui — the "audit-support" capability. It checks correct use of OZ on-chain primitives (including which role/witness type gates each action), deviations from the library's examples/doc-comments, upheld invariants, test coverage, and code-quality/conventions (enforced against STYLEGUIDE.md). Methodology-first and SSOT-driven: it reuses the develop-secure-contracts discovery chain and points at the library's own sources (examples or module doc-comments, ARCHITECTURE.md, STYLEGUIDE.md, code-quality procedure) rather than restating them. Reads the primitive's API at the integrator's pinned Move.lock revision and the library-wide conventions from main. Named `review-` deliberately: it supports, and does not replace, a formal security audit.
…ES category - Bump .claude-plugin/plugin.json 0.0.2 -> 0.0.3 for the Sui Move skills - Add a Review section (11.1) to dev/TESTING.md covering the review-sui-contracts behavior: establish the reference at the pinned Move.lock rev, review the integrator's use, enforce STYLEGUIDE, verify before reporting, not an audit - Add a "Review skills" category to dev/PRINCIPLES.md (Skill Organization + Scope)
bidzyyys
force-pushed
the
feat/review-sui-contracts
branch
from
July 15, 2026 11:08
7dab301 to
11c35a3
Compare
ericglau
approved these changes
Jul 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new
review-sui-contractsskill — AI-assisted review of Sui Move code that integrates OpenZeppelin Contracts for Sui (the "audit-support" capability). Namedreview-deliberately: it supports, and does not replace, a formal security audit.What it reviews
senderchecks), right arguments, documented aborts handled.examples/recipe (or the module doc-comment's idiomatic-usage block) and invariants the components document.STYLEGUIDE.md+ the code-quality procedure +--lint.Design
Methodology-first and SSOT-driven — reuses the
develop-secure-contractsdiscovery chain and points at the library's own sources rather than restating them. Reads the primitive's API at the integrator's pinnedMove.lockrevision, and the library-wide conventions (llms.txt, catalogs,ARCHITECTURE.md,STYLEGUIDE.md) frommain.Notes
feat/develop-secure-sui(Add Sui Move support to develop-secure-contracts #11) for the shared Sui context; retarget tomainafter that merges.