From sd0x-dev-flow
Performs code reviews for PRs, audits, and changes using Codex MCP. Outputs severity-grouped findings and merge gates. Variants: fast (diff), full (lint/build checks), branch.
npx claudepluginhub sd0xdev/sd0x-dev-flow --plugin sd0x-dev-flowThis skill is limited to using the following tools:
<!-- Security note: Bash(bash:*) is broader than ideal; cannot scope to specific
Reviews code changes using parallel personas for correctness, testing, maintainability, and conditional areas like security, performance, APIs. Merges into P0-P3 severity reports for PR prep and iterative feedback.
Reviews local git changes, PRs/MRs, or branch diffs against coding guidelines using 5-7 parallel agents for bugs, security/logic, compliance, simplification, tests, and contracts. Deep mode auto-fixes iteratively.
Mandates invoking relevant skills via tools before any response in coding sessions. Covers access, priorities, and adaptations for Claude Code, Copilot CLI, Gemini CLI.
Share bugs, ideas, or general feedback.
doc-review)security-review)test-review)code-explore)| Variant | Command | Scope | Pre-checks |
|---|---|---|---|
| Fast | /codex-review-fast | Diff only | None |
| Full | /codex-review | Diff + local checks | lint:fix + build |
| Branch | /codex-review-branch | Full branch | None |
Step 0 (PENDING) → Collect changes → [Pre-checks if Full] → Dual Review (Codex + Task) → Await Results → Aggregate → Emit Gate → Loop if Blocked
Execute: bash scripts/emit-review-gate.sh PENDING
This sets review_mode=dual and aggregate_gate.executed=false in state file, ensuring fail-closed semantics — if the process crashes before Step 4.5, stop-guard blocks.
Collect metadata only — Codex reads the actual diffs and file contents itself via sandbox access.
| Variant | Collection Method |
|---|---|
| Fast | CHANGED_FILES: git diff --name-only HEAD + DIFF_STAT: git diff --stat HEAD |
| Full | Same as Fast |
| Branch | Same + CURRENT_BRANCH + BASE_BRANCH + COMMIT_COUNT |
Codex independently reads full diffs and file contents via git diff HEAD -- <file> + cat (per research instructions).
Execute: bash scripts/resolve-feature.sh → parse JSON output.
| Field | Use |
|---|---|
has_requests | Gate: only proceed if true |
docs_path | Glob for request docs |
confidence | Require >= medium |
If has_requests=true AND confidence in (high, medium):
${docs_path}/requests/*.md, sort descending, take latest## Acceptance Criteria section (parse - [ ] / - [x] items)/codex-review-fast, /codex-review-doc, /codex-review, /precommit, /precommit-fast, /pr-reviewSPEC_CHECKLIST variable, set REQUEST_DOC_PATHGraceful degradation: resolve-feature fails / no requests / no AC section / parse error → SPEC_CHECKLIST = null (skip silently).
Prerequisite: Requires R4 (Nit History Persistence) hook-side write path. Until R4 is deployed,
.claude_nit_history.jsonwill not exist and this step is a no-op (graceful degradation).
Read .claude_nit_history.json (if exists):
.deferred[] entries where last_seen + ttl_days > nowcanonical_issue <= 120 chars (truncate)**, backticks, #, >, |)rules/security.md);, &, |, backtick, $()<deferred_context> XML block (max 10 entries)DEFERRED_CONTEXT variableInject into all prompt variants after research instructions, before Review Dimensions:
${DEFERRED_CONTEXT ? DEFERRED_CONTEXT : ''}
Format:
<deferred_context>
Previously deferred (do not re-report without new evidence):
- [Nit] src/service.ts | naming convention (deferred 2x)
- [P2] src/utils.ts | error handling pattern (deferred 1x)
</deferred_context>
Graceful degradation: file missing / invalid JSON / no entries / sanitization failure → DEFERRED_CONTEXT = null (skip silently).
{LINT_FIX_COMMAND}
{BUILD_COMMAND}
These placeholders are resolved from the host project's CLAUDE.md or package.json scripts. Record results as LOCAL_CHECKS.
Case A: First review (no --continue)
Launch two reviewers in parallel (single message, multiple tool calls):
Codex MCP (primary): Use mcp__codex__codex with variant-specific prompt:
| Variant | Prompt Template |
|---|---|
| Fast | references/codex-prompt-fast.md |
| Full | references/codex-prompt-full.md |
| Branch | references/codex-prompt-branch.md |
Config: sandbox: 'read-only', approval-policy: 'never'
Save the returned threadId.
Secondary reviewer: Use Task tool with reviewer selection cascade:
| Priority | Reviewer | subagent_type | Condition |
|---|---|---|---|
| 1 | pr-review-toolkit:code-reviewer | pr-review-toolkit:code-reviewer | Default choice |
| 2 | strict-reviewer | strict-reviewer | Priority 1 fails/times out |
| 3 | Codex-only (degraded) | — | Both unavailable |
Selection: Try priority 1 first. If Task fails or times out (30s), try priority 2. If both unavailable, fall back to Codex-only (degraded mode — proceed with Codex results only, apply degradation matrix from references/review-common.md).
Task prompt (provide changed file list + diff stats, request P0/P1/P2/Nit findings in standard output format):
Review the code changes for correctness, security, performance, and maintainability issues.
## Changed Files
<git diff --name-only output>
## Diff Stats
<git diff --stat output>
Read the actual diffs and file contents yourself to perform the review.
Before reporting findings, independently verify each one:
1. Evidence check: what specific code proves it's real? (file:line)
2. Context check: did you read enough surrounding code?
3. False positive check: could it be intentional design?
4. Severity check: could it be more severe than initially assessed?
5. Gap check: what related issues might you have overlooked?
Only report findings that survive all 5 checks.
Output findings in this format:
- [P0/P1/P2/Nit] file:line issue description → fix recommendation
Group by severity. Include a final gate: ✅ Ready (no P0/P1) or ⛔ Blocked (has P0/P1).
Case B: Loop review (has --continue)
mcp__codex__codex-reply with re-review template from references/review-common.mdCodex is the blocking reviewer — await its result for the initial gate. Secondary runs in background (run_in_background: true) and is non-blocking:
| Secondary Status | Action |
|---|---|
| Completed before Codex | Include in aggregation (Step 4) |
| Completed after Codex, before precommit | Reconcile at pre-precommit checkpoint |
| Still running at precommit | Proceed with Codex gate (authoritative); if late result has P0/P1, re-open fix→re-review loop |
| Failed/timed out | Apply degradation matrix per references/review-common.md § Dual Reviewer Aggregation |
Normalize both sets of findings to unified format: [severity] file:line description → fix
references/review-common.md § Severity Mapping)Deduplicate using key = file + canonical_issue_text (ignore line ±5 difference)
Tag source: source = codex | toolkit | both
Sort: P0 → P1 → P2 → Nit
Gate decision: any P0/P1 → BLOCKED; else → READY
Output format includes source tag:
- [P0] file:line issue → fix [source: both]
- [P1] file:line issue → fix [source: codex]
Execute: bash scripts/emit-review-gate.sh READY or bash scripts/emit-review-gate.sh BLOCKED
This updates aggregate_gate.executed=true and aggregate_gate.gate in the state file.
Then output the standard gate sentinel:
✅ Ready — if READY (no P0/P1)⛔ Blocked — if BLOCKED (has P0/P1)See references/review-common.md for:
⚠️ @CLAUDE.md auto-loop: fix → re-review → ... → ✅ PASS ⚠️
Blocked → fix P0/P1 → /codex-review-fast --continue <threadId> → repeat until Ready.
Ready + P2/Nit → batch fix → 1 Codex --continue verify → evaluate (see rules/auto-loop.md P2/Nit Quality Sweep).
3 rounds on same issue → report blocker, request intervention.
| Reviewer | Loop Behavior |
|---|---|
| Codex MCP | Stateful → mcp__codex__codex-reply(threadId) continues context |
| Secondary | Re-dispatched every iteration (fresh context). Always dispatched in v1 (no skip exception). |
Codex gate is authoritative for timing. Secondary runs non-blocking in background. Aggregation reconciled at pre-precommit checkpoint. Any code edit resets the review cycle — both reviewers must re-run.
Before triggering /precommit, reconcile any pending secondary result:
| Condition | Action |
|---|---|
| Task completed + has P0/P1 | Re-emit BLOCKED → fix → re-review (Codex --continue + Secondary fresh) |
| Task completed + no P0/P1 | Union aggregate → proceed to precommit |
| Task still running | Proceed with Codex gate (authoritative); if late result has P0/P1, re-open fix→re-review loop |
references/review-common.mdreferences/codex-prompt-fast.mdreferences/codex-prompt-full.mdreferences/codex-prompt-branch.mdreferences/codex-research-instructions.mdInput: /codex-review-fast
Action: emit PENDING → git diff → Codex + Task(code-reviewer) parallel → aggregate → emit gate → P0/P1/P2/Nit + Gate
Input: /codex-review --focus "auth"
Action: emit PENDING → lint:fix → build → git diff → Codex + Task parallel (focus: auth) → aggregate → emit gate
Input: /codex-review-branch origin/develop
Action: emit PENDING → branch diff + history → Codex + Task parallel → aggregate → emit gate → Rating table + Findings + Gate
Input: /codex-review-fast (Codex unavailable)
Action: emit PENDING → git diff → Task(code-reviewer) only → degraded aggregate → emit gate + ⚠️ warning