fresh-eyes-reviewlisted

# Fresh-Eyes Review ## Core Principle **"NO COMMIT WITHOUT FRESH-EYES REVIEW FIRST"** This represents a final quality gate executed *after* implementation completion, passing tests, and peer review. The discipline applies universally, even without explicit skill activation. ## Key Distinctions Fresh-eyes review differs fundamentally from testing and code review: | Approach | Focus | Blind Spots | |----------|-------|-------------| | **Testing** | Validates expected behavior | Can't test for unknown edge cases | | **Code review** | Patterns and quality | Reviewer trusts author's intent | | **Fresh-eyes** | Deliberate re-reading with psychological distance | Catches what you thought was correct | **Critical insight**: "100% test coverage and passing scenarios" can coexist with "critical bugs" waiting discovery. ## Required Process ### Step 1 - Announce Commitment Explicitly declare: "Starting fresh-eyes review of [N] files. This will take 2-5 minutes." This announcement creates accountability and reframes your mindset from implementation to audit. ### Step 2 - Security Vulnerability Checklist Review all touched files for security issues: | Vulnerability | What to Check | |---------------|---------------| | **SQL Injection** | All database queries use parameterized statements, never string concatenation | | **XSS** | All user-provided content is escaped before rendering in HTML | | **Path Traversal** | File paths are validated, `../` sequences rejected or normalize