بنقرة واحدة
review
Run evaluator and security reviewer concurrently for comprehensive quality gate.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Run evaluator and security reviewer concurrently for comprehensive quality gate.
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Discover and map an existing codebase before planning or changing it.
Change the behavior of existing code — story-driven by default, or --issue N for a GitHub bug fix. Test-first, full verification, code review.
Use when a planned change touches persisted data shape — ORM models, migration files, schema definitions, serialized formats, or message contracts — in /change, /refactor, or /implement on an existing codebase. Routes schema changes through expand-contract and proves reversibility before any deploy.
Generate production code and tests for a story group using agent teams for parallel execution.
Refactor existing code for quality, performance, or maintainability. Enforces core quality principles with ratchet gate.
Generate test plan, test cases, test data fixtures, and Playwright E2E tests mapped to acceptance criteria.
| name | review |
| description | Run evaluator and security reviewer concurrently for comprehensive quality gate. |
| argument-hint | [story-id] |
| context | fork |
On-demand, pre-merge entry point to the harness's one quality gate: it spawns the same evaluator + security-reviewer agents that /evaluate (Layer 4) and /auto (Gate 7) run in-pipeline, with identical verdict semantics. This skill owns only the on-demand orchestration; the gate's definitions live in /evaluate.
Ultracode tip: Multi-dimension review with adversarial verification is a natural fan-out, so
/effort ultracodepays off on this plain skill form.
/review # reviews the current group in context
/review E3-S1 # reviews a specific story and its group
Use the Agent tool to spawn both agents in a single call — concurrent execution is the point of this skill:
specs/reviews/evaluator-report.md and updates features.json.specs/reviews/security-review.md and the canonical specs/reviews/security-verdict.json.Both agents get the same changed-file set and group context. Every changed file in the group is in scope for both — never pass a subset to avoid findings.
Severity levels (BLOCK/WARN/INFO), the BLOCK self-healing loop (generator fix → full re-run, max 3 cycles, then escalate), and the security verdict format are defined once in /evaluate (.claude/skills/evaluate/SKILL.md) — follow them exactly from there. Do not merge or mark a group complete while any BLOCK finding remains open, and always re-run the full review after fixes.
specs/reviews/evaluator-report.md — PASS/FAIL with per-check detailspecs/reviews/security-review.md — BLOCK/WARN/INFO findings with file referencesspecs/reviews/security-verdict.json — the canonical machine-readable security verdictAll three must exist before the review is complete; a missing output is itself a BLOCK finding.
/evaluate)There are two entry points to the same gate, not two gates:
/evaluate Layer 4 / /auto Gate 7 — the authoritative in-pipeline owner./review — the on-demand pre-merge entry point (this skill).In /auto, Gate 7 already covers it — a separate /review is only needed for manual gating before a merge.