Reviews (Pre-merge Gates)

Review commands form the quality gates that a story must pass before it can move to "done" status. Each review targets a specific concern (code quality, security, performance, accessibility, etc.) and writes a PASSED or FAILED verdict into the story's Review Gate table. Verdicts are evaluated against the project's rubric configuration. You can run reviews individually or all at once with /gaia-review-all.

Aggregate review

• /gaia-review-all user-facing Run all review workflows sequentially and populate the entire Review Gate table.
• /gaia-check-review-gate user-facing Check the composite Review Gate status and transition the story to done if all reviews pass.

Individual reviews

• /gaia-review-code user-facing Pre-merge code review checking code quality, SOLID principles, and complexity.
• /gaia-review-qa user-facing Generate and review QA test cases for automated test coverage.
• /gaia-review-test user-facing Review test quality and identify flakiness or coverage issues.
• /gaia-review-security user-facing OWASP-focused security review: Top 10 scan, hardcoded secrets detection, auth pattern analysis.
• /gaia-review-perf user-facing Review code for performance issues including N+1 queries, memory impact, and algorithmic complexity.
• /gaia-review-a11y user-facing Pre-merge accessibility gate for WCAG 2.1 compliance (semantic HTML, ARIA, keyboard, contrast).
• /gaia-review-mobile user-facing Mobile review gate: manifest, entitlements, signing, store metadata, privacy manifest, and deep links.
• /gaia-review-api user-facing Review REST API design against naming conventions, HTTP methods, status codes, and error format standards.
• /gaia-review-deps user-facing Audit dependencies for known CVEs, outdated versions, and license conflicts.
• /gaia-perf-deepdive user-facing Anytime performance bottleneck analysis: N+1 queries, memory, bundle impact, caching, complexity.