Installing reg-suit adds npm packages to the selected project environment; pin the reviewed package version and avoid global installs for review work., reg-suit can publish image snapshots and HTML reports through storage plugins such as S3 or Google Cloud Storage; review destination configuration before running in shared CI., Visual baselines can normalize accidental UI changes if accepted too casually; require owner approval for broad layout, color, text, or viewport changes., The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
Privacy notes
Rendered UI images and reports can expose environment URLs, branch names, visible UI text, test account data, and product screenshots., Storage and notification plugins can publish report links to CI systems, pull request comments, chat tools, or cloud buckets., Keep public review notes focused on changed components, thresholds, artifact links, and summarized findings; omit sensitive rendered content that does not need to be public.
4 safety and 3 privacy notes across 3 risk areas. Review closely: network access.
3 areas
SafetyExecution & processesInstalling reg-suit adds npm packages to the selected project environment; pin the reviewed package version and avoid global installs for review work.
SafetyExecution & processesreg-suit can publish image snapshots and HTML reports through storage plugins such as S3 or Google Cloud Storage; review destination configuration before running in shared CI.
SafetyGeneralVisual baselines can normalize accidental UI changes if accepted too casually; require owner approval for broad layout, color, text, or viewport changes.
SafetyGeneralThe source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
PrivacyGeneralRendered UI images and reports can expose environment URLs, branch names, visible UI text, test account data, and product screenshots.
PrivacyNetwork accessStorage and notification plugins can publish report links to CI systems, pull request comments, chat tools, or cloud buckets.
PrivacyGeneralKeep public review notes focused on changed components, thresholds, artifact links, and summarized findings; omit sensitive rendered content that does not need to be public.
Safety notes
Installing reg-suit adds npm packages to the selected project environment; pin the reviewed package version and avoid global installs for review work.
reg-suit can publish image snapshots and HTML reports through storage plugins such as S3 or Google Cloud Storage; review destination configuration before running in shared CI.
Visual baselines can normalize accidental UI changes if accepted too casually; require owner approval for broad layout, color, text, or viewport changes.
The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
Privacy notes
Rendered UI images and reports can expose environment URLs, branch names, visible UI text, test account data, and product screenshots.
Storage and notification plugins can publish report links to CI systems, pull request comments, chat tools, or cloud buckets.
Keep public review notes focused on changed components, thresholds, artifact links, and summarized findings; omit sensitive rendered content that does not need to be public.
Prerequisites
UI change, pull request, or release candidate with rendered image artifacts
reg-suit configuration such as `regconfig.json`
Baseline image source, actual image directory, and generated report location
Threshold policy for accepted pixel or rate differences
CI logs, storage configuration, and reviewer policy for accepting baseline changes
.gemini/skills/<skill-name>/SKILL.md or .agents/skills/<skill-name>/SKILL.md
cursor
Adapter
.cursor/rules/<skill-name>.mdc
cli
Manual
AGENTS.md or tool-specific context file
Full copyable content
# Trigger
"Apply the reg-suit visual regression review capability pack to this UI change."
# Required output
1) reg-suit package/source version and config inventory
2) Baseline, actual image, threshold, and report review
3) Visual-diff findings with release-blocking and non-blocking issues
4) Validation plan and merge, hold, or request-changes recommendation
About this resource
Knowledge Freshness
This capability pack is pinned to reg-suit CLI package 0.14.5, the reg-suit source release v0.14.6, npm metadata, and source files verified on 2026-06-03. The source release contains packages/reg-suit-cli/package.json with package name reg-suit and version 0.14.5.
Prefer current reg-suit source, npm metadata, and repository documentation over model memory for CLI commands, plugin names, threshold options, and report behavior.
Scope Note
This is not a Playwright E2E testing skill, a generic rendered-page workflow, or an after-edit hook. Use it for human-in-the-loop review of reg-suit visual regression artifacts: baselines, actual image sets, diff reports, thresholds, storage plugins, notification plugins, and release decisions.
Core Workflow
Confirm the reg-suit package version, source release, npm metadata, repository status, and install path used for review.
Locate regconfig.json and inventory core.workingDir, core.actualDir, thresholdRate, thresholdPixel, matchingThreshold, antialias handling, x-img-diff settings, and concurrency.
Confirm the baseline source, actual image source, expected branch or commit key, and whether the comparison target matches the release branch.
Review generated reports for changed regions, inserted or moved areas, missing images, viewport-specific drift, font rendering changes, and component-level ownership.
Classify visual changes as intentional, suspicious, release-blocking, flaky capture, environment mismatch, or baseline-maintenance noise.
Build a validation plan: recapture steps, targeted page checks, owner review, usability spot checks when visual changes affect text or controls, and CI reruns for flaky captures.
Produce a release recommendation with evidence links, accepted baseline list, blockers, follow-up owners, and a merge, hold, or request-changes decision.
Capability Scope
reg-suit package/source verification
regconfig.json and plugin review
Baseline and actual image provenance review
Threshold and antialias policy review
HTML report and visual diff triage
Storage and notification behavior review
CI visual QA gate review
Evidence-based release decision for UI changes
Compatibility
Native
Claude Code / Claude: use as a reusable Agent Skill for visual regression review and release gating.
Codex/OpenAI workflows: use as SKILL.md-style instructions for UI artifact review.
Manual Adaptation
Windsurf and Gemini: adapt the workflow and output contract into their skill formats.
Cursor and Generic AGENTS files: convert the review rules and validation checklist into repository-level visual QA instructions.
Required Inputs
reg-suit package version and source release
Pull request, release candidate, or UI change summary
regconfig.json and configured plugin list
Baseline image source and actual image directory
Generated report URL or local report path
Threshold policy and owner approval rules for accepting new baselines
Production Rules
Do not accept a new baseline until the visual change is tied to an intentional product or design change.
Do not treat a low diff percentage as safe when the changed region affects navigation, forms, prices, permissions, or critical calls to action.
Do not approve broad baseline churn when only one component was expected to change.
Treat missing, blank, clipped, overlapped, or wrong-viewport images as release-blocking until recaptured.
Keep visual review separate from functional test results; passing E2E tests do not prove the UI rendered correctly.
Require storage and notification destinations to be explicit before publishing visual reports from CI.
Prefer targeted recapture and owner review over raising thresholds to make a noisy run pass.
Validation plan: exact recapture, CI, owner-review, and targeted page checks needed before merge.
Recommendation: merge, hold, request changes, or recapture with evidence.
Troubleshooting
Issue: The report shows widespread pixel drift
Fix: Check rendering environment, fonts, viewport size, animation state, and capture timing before accepting a broad baseline update.
Issue: The target branch has no expected images
Fix: Review the key generator plugin, branch/commit key, storage destination, and CI checkout depth before treating every image as new.
Issue: Thresholds hide meaningful changes
Fix: Lower the threshold or split critical pages into stricter scenarios. Escalate changes affecting navigation, forms, pricing, permissions, or primary actions.
Issue: Report links are unavailable after CI finishes
Fix: Check publisher plugin settings, bucket permissions, report retention, and whether notification plugins point reviewers to the same report generated by the run.
Issue: Baselines keep changing without product changes
Fix: Stabilize fonts, viewport, locale, time, seeded data, animation state, and network fixtures before approving new images.
Validation Checklist
reg-suit package version, source release, npm metadata, and docs verified.
regconfig.json found and reviewed.
Baseline source and actual image directory identified.
Thresholds and antialias settings checked against project policy.
Storage and notification plugins inventoried.
Changed images and changed regions reviewed.
Missing, blank, clipped, and wrong-viewport captures checked.
Intentional visual changes tied to product or design evidence.
Recapture and owner-review requirements documented.
Merge, hold, request-changes, or recapture recommendation recorded.
Show that Reg-suit Visual Regression Review Capability Pack Skill is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/skills/reg-suit-visual-regression-review-capability-pack)
How it compares
Reg-suit Visual Regression Review Capability Pack Skill side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
✓Installing reg-suit adds npm packages to the selected project environment; pin the reviewed package version and avoid global installs for review work.
reg-suit can publish image snapshots and HTML reports through storage plugins such as S3 or Google Cloud Storage; review destination configuration before running in shared CI.
Visual baselines can normalize accidental UI changes if accepted too casually; require owner approval for broad layout, color, text, or viewport changes.
The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
✓Installing Vitest and coverage providers adds npm packages to the selected project environment; pin reviewed versions and use project-local installs.
Coverage runs execute the project test suite and can use test fixtures, network mocks, databases, or generated artifacts configured by the project.
Vitest coverage can clean the configured reports directory before a run; confirm the reports directory is disposable before enabling coverage in shared workflows.
Threshold changes can block or unblock CI; review threshold updates separately from test additions.
The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
✓Installing Spectral adds npm packages to the selected project environment; pin the reviewed version and avoid global installs for review work.
Spectral can lint local files, globs, and remote contract URLs; review source locations before running checks in shared CI.
Ruleset changes can silently weaken future API gates; review disabled rules, severity changes, and overrides as release-impacting changes.
JavaScript rulesets and custom functions such as `.spectral.js` execute Node.js code; do not run attacker-supplied rulesets from untrusted PRs unless they have been inspected and executed in a sandboxed environment.
The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
✓Installing Renovate adds an npm package to the selected project environment; pin the reviewed version and avoid global installs for review work.
Renovate can update dependency manifests and lockfiles; review generated diffs before approving automerge or grouped updates.
Major upgrades, runtime dependencies, toolchain changes, and lockfile churn should be treated as release-blocking until tests and smoke checks pass.
The source ZIP is external and version-pinned for reference; package trust should remain a maintainer decision.
Privacy notes
✓Rendered UI images and reports can expose environment URLs, branch names, visible UI text, test account data, and product screenshots.
Storage and notification plugins can publish report links to CI systems, pull request comments, chat tools, or cloud buckets.
Keep public review notes focused on changed components, thresholds, artifact links, and summarized findings; omit sensitive rendered content that does not need to be public.
✓Coverage output can reveal source paths, module names, uncovered function names, branch structure, report file names, and project layout.
HTML, JSON, LCOV, and JUnit artifacts can include snippets, line ranges, and package structure from the reviewed project.
Keep public review notes focused on aggregate gaps, file groups, risk areas, and validation commands; omit sensitive implementation details that do not need to be public.
✓OpenAPI files can reveal internal route names, hostnames, example payloads, business object names, and planned endpoints.
Lint reports can include source paths, schema paths, rule names, snippets, and examples from the reviewed contract.
Keep public review notes focused on rule IDs, contract paths, compatibility impact, and summarized examples; omit details that do not need to be public.
✓Dependency metadata can reveal package names, repository layout, branch names, internal registry hosts, and release cadence.
Keep public review notes focused on package names, versions, config keys, and test results; omit operational details that do not need to be public.
Prerequisites
UI change, pull request, or release candidate with rendered image artifacts
reg-suit configuration such as `regconfig.json`
Baseline image source, actual image directory, and generated report location
Threshold policy for accepted pixel or rate differences
JavaScript or TypeScript project using Vitest or evaluating a Vitest coverage gate
Test command, package manager, and `vitest.config` or Vite config
Current coverage report, changed-file context, or uncovered source inventory
Project risk areas, owner expectations, and release policy for test gaps
OpenAPI v2, v3.0, or v3.1 contract file set
Spectral ruleset such as `.spectral.yaml` or an explicit ruleset path
Lint output, CI output, or proposed contract diff
API owner expectations for breaking changes, naming, examples, and release gates
Renovate dependency upgrade PR, config diff, or dependency dashboard item
Dependency manifest and lockfile diff for the reviewed package manager
Renovate config source such as `renovate.json`, package config, or inherited presets
Release notes, changelog, package metadata, or source tag for the updated dependency