Security-Sensitive PR Review Card
A template for AI-assisted PR triage that flags risky changes without pretending to approve them.
Scaffold content — replace with the real PR Review Card when ready.
What it does
The Security-Sensitive PR Review Card is a one-page template attached to PRs that touch security-sensitive code paths. Its job is to flag risk and ask the structured questions a human reviewer must answer — not to approve the PR.
The card has four sections: risk indicators, test coverage, audit relevance, and human-decision questions.
The template
# Security-sensitive PR review
## Risk indicators
- [ ] Touches privileged role / access control
- [ ] Changes a documented invariant
- [ ] Modifies external calls
- [ ] Touches upgrade path or proxy
- [ ] Changes economic parameters
- [ ] Adds a new dependency
- [ ] Changes admin functions
## Test coverage
- [ ] Unit tests added
- [ ] Fuzz / property tests touched
- [ ] Invariant tests still pass
- [ ] Fork-test scenarios
## Audit relevance
- Was this code reviewed in the last audit? (Y/N + audit name)
- Does this change a prior audit assumption? (Y/N + which)
## Human decision required
- (List the specific questions a senior reviewer must answer.)
## What AI must NOT decide
- Whether the change is safe to merge
- Whether the invariant still holds
- Whether an audit assumption still holds
How to integrate
| Step | What | Where |
|---|---|---|
| 1 | Copy the template into your repo | .github/PULL_REQUEST_TEMPLATE/security.md |
| 2 | Wire the AI prompt into your PR review bot | Cursor / Claude Code / CI agent |
| 3 | Train the team on which PRs need the card | Engineering handbook |
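One way to do step 2 in practice, as an added example that is not the project's own prompt or bot: a heuristic pass that pre-fills only the risk-indicator boxes of the card from a unified diff, attaches the matching lines as evidence, and leaves every "Human decision required" and "What AI must NOT decide" item to the reviewer. The regexes, the Foundry repo paths and the sample diff are assumptions made for this example.

```python
import re
# Assumed heuristics (added example, not the project's prompt): indicator -> regex over changed lines.
LINE_PATTERNS = {
    "Touches privileged role / access control": r"onlyOwner|onlyRole|hasRole|Ownable",
    "Modifies external calls": r"\.call\{|\.call\(|delegatecall",
    "Touches upgrade path or proxy": r"upgradeTo|_authorizeUpgrade|UUPS",
    "Changes economic parameters": r"\b(fee|rate|threshold|bps)\b",
    "Changes admin functions": r"function (set[A-Z]\w*|pause|unpause)\b",
}
# Decided by which files change, not by line content (assumed layout of a Foundry repo).
PATH_PATTERNS = {"Adds a new dependency": r"^(lib/|foundry\.toml$|package\.json$|remappings\.txt$)"}
def changed_lines(diff):
    """Yield (path, text) for each added or removed line; diff headers are skipped."""
    path = None
    for raw in diff.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw[:1] in ("+", "-") and not raw.startswith(("+++ ", "--- ")):
            yield path, raw[1:]
def flag_indicators(diff):
    """Return {indicator: [evidence, ...]} for every indicator that fired on the diff."""
    hits = {}
    for path, text in changed_lines(diff):
        for name, pat in LINE_PATTERNS.items():
            if re.search(pat, text):
                hits.setdefault(name, []).append(f"{path}: {text.strip()}")
        for name, pat in PATH_PATTERNS.items():
            if path and re.search(pat, path) and path not in hits.get(name, []):
                hits.setdefault(name, []).append(path)
    return hits
def render_card(hits):
    """Tick only what fired; 'documented invariant' needs the docs, so it is never auto-ticked."""
    out = ["# Security-sensitive PR review", "## Risk indicators"]
    for name in [*LINE_PATTERNS, *PATH_PATTERNS, "Changes a documented invariant"]:
        out.append(f"- [{'x' if name in hits else ' '}] {name}")
        out += [f"    - evidence: {ev}" for ev in hits.get(name, [])[:3]]
    out += ["## Human decision required",
            *[f"- Confirm the change flagged under '{n}' is intended and was reviewed." for n in hits]]
    out += ["## What AI must NOT decide", "- Whether the change is safe to merge",
            "- Whether the invariant still holds", "- Whether an audit assumption still holds"]
    return "\n".join(out)
SAMPLE_DIFF = """\
--- a/src/Vault.sol
+++ b/src/Vault.sol
@@ -10,3 +10,6 @@ contract Vault is Ownable {
+    uint256 public fee = 50;
+    function setFee(uint256 f) external onlyOwner { fee = f; }
+        (bool ok, ) = to.call{value: amt}("");
"""  # constructed sample diff, not a real PR
print(render_card(flag_indicators(SAMPLE_DIFF)))
```

A ticked box here means "a human must look at these lines", not "risk confirmed", and an unticked box is not evidence that the PR is safe; the test-coverage and audit-relevance sections are deliberately left to the reviewer.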
Coming in v1.0
- A realistic filled-in example PR with this card applied
- An AI prompt that generates the filled card from a diff
- A GitHub Actions integration that attaches the card automatically