تشغيل أي مهارة في Manus بنقرة واحدة

ابدأ الآن

codex-scan

النجوم٠

التفرعات٠

آخر تحديث١٥ فبراير ٢٠٢٦ في ١٥:٥٤

Read-only code review via Codex. Reports issues without fixing. Independent model perspective.

التثبيت

التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.

تشغيل في Manus

المصدر

Objective-Arts

Objective-Arts/lens

فتح مستودع GitHub عرض مستودعات المنشئ

تنزيل

تشغيل في Manus

المهن ذات الصلةSOC

استنادا إلى تصنيف SOC المهني

محللو ضمان جودة البرمجيات والمختبرونمهن الحاسوب والرياضيات·SOC 15-1253

SKILL.md

readonly

name	codex-scan
description	Read-only code review via Codex. Reports issues without fixing. Independent model perspective.

/codex-scan

Read-only independent code review using OpenAI Codex CLI. Reports issues without making any changes. Provides multi-model triangulation — a different model's perspective on your code.

No arguments? Describe this skill and stop. Do not execute.

Target

If a path argument is provided, review that file/directory. If no argument, review recently modified files (git diff/log). Multiple paths can be provided to scan a set of components.

Process

Step 0: Load Rubric

Read .claude/rubric/AUTO-DETECT.md for the detection table. Then:

Always load: .claude/rubric/base.md and .claude/rubric/product-quality.md
Auto-detect domains: Check target files against the detection table. Load matching domain rubrics (.claude/rubric/web-api.md, .claude/rubric/data-persistence.md, .claude/rubric/cli.md, .claude/rubric/microservice.md).
Extract Review Criteria: From each loaded rubric, collect the numbered items under ## Review Criteria. Combine into a single criteria list for the Codex prompt.

If a rubric file doesn't exist, skip it and continue.

Step 1: Find Code to Review

Find target files:

If path provided, use that
Otherwise, find recently modified files using git diff or git log
Look in: src/, lib/, app/, and project root

If NO code exists, output "no code to review" and stop.

Step 2: Read All Target Code

Read ALL files in scope completely. Do not skim.

Step 3: Call Codex (MANDATORY)

Invoke Codex CLI non-interactively against the target:

cd {TARGET} && codex exec -s read-only -o /tmp/lens-codex-scan.md "PRODUCTION READINESS GATE REVIEW. Score like a senior engineer deciding whether to deploy this to production TODAY. If you wouldn't deploy it, score below 8. Review ALL source code. Score each category 1-10 and cite file:line for every finding.

{RUBRIC_CRITERIA}

SCORING ANCHOR: 8+ = deploy today. 5-6 = needs work. 3-4 = major gaps. CRITICAL = blocks production. HIGH = would cause incidents. Rate overall as min of all category scores." 2>&1

Replace {RUBRIC_CRITERIA} with the combined Review Criteria from all loaded rubric files, numbered sequentially. Example: if base.md has 12 criteria and cli.md has 5, number them (1)-(17).

Note: Test Coverage is handled by the testing phase — do not include it in the rubric criteria.

If codex is not installed, fall back to Step 3b. If it fails for any other reason, log the error and fall back to Step 3b.

Step 3b: Fallback — Pattern Scanner

Run the review-bot.sh script bundled with the codex-review skill:

SKILL_DIR="$(dirname "$(readlink -f workflow-skills/workflow/codex-review/SKILL.md)" 2>/dev/null || echo workflow-skills/workflow/codex-review)"
bash "$SKILL_DIR/review-bot.sh" {TARGET} --run --out /tmp/lens-codex-scan.json

Step 4: Compile Report (DO NOT FIX)

Read /tmp/lens-codex-scan.md (or /tmp/lens-codex-scan.json if fallback was used).

Parse all findings with file:line references. Categorize by:

Security — vulnerabilities, secret leakage, crypto issues
Reliability — cross-filesystem, atomicity, error handling
Operational — UX gaps, CI/CD support, unclear semantics
Architecture — structural issues, coupling, missing abstractions

DO NOT edit any files. Report only.

Step 5: Clean Up

rm -f /tmp/lens-codex-scan.md /tmp/lens-codex-scan.json

Output Format

## Codex Scan: [target]

### Summary

| Metric | Value |
|--------|-------|
| Files scanned | N |
| Total lines | N |
| Overall rating | production-ready / production-leaning / not-production-ready |
| Security issues | N |
| Reliability issues | N |
| Operational issues | N |
| Architecture issues | N |

### Security Issues

1. **[file:line]** — [description]
   - Problem: [what Codex found]
   - Impact: [why it matters]
   - Suggested fix: [how to address]

### Reliability Issues

1. **[file:line]** — [description]
   - Problem: [what Codex found]
   - Suggested fix: [how to address]

### Operational Issues

1. **[file:line]** — [description]
   - Concern: [what Codex found]

### Architecture Issues

1. **[file:line]** — [description]
   - Concern: [what Codex found]

### AI-Generated Antipatterns Detected

- [ ] Over-abstraction (factories/wrappers used once)
- [ ] Defensive checks for impossible cases
- [ ] Reimplementing stdlib
- [ ] Over-commenting obvious code
- [ ] Unnecessary config options
- [ ] Single-use wrapper functions

### Files Reviewed

| File | Lines | Issues |
|------|-------|--------|
| path/to/file.ts | 245 | 2 security, 1 reliability |
| ... | ... | ... |

---
CODEX_RESULT: called - [N] total issues
SCAN_ONLY: no fixes applied

Rules

READ ONLY - Do not edit any files
MUST CALL CODEX - This skill requires the Codex CLI (or falls back to pattern scanner)
COMPLETE - Review all files in scope
ORGANIZE - Group issues by category
ACTIONABLE - Include suggested fixes (but don't apply them)

When to Use

Pre-commit quality check (different perspective from Gemini)
Multi-model triangulation on code quality
Assessing AI-generated code smells
Getting an independent review before PR

Anti-Patterns (Don't Do)

Making any edits to files
Skipping the Codex call
Summarizing without specific line numbers
Hiding or downplaying issues
Applying fixes (use /codex-review for that)

المزيد من هذا المستودع

نفس المستودع

canon-audit

Objective-Arts/lens

Audit a project against a canon's rules and checklist. Read-only — produces prioritized report without fixing. Works with any canon (nextjs, sql, typescript, etc.).

2026-03-020

lens

Objective-Arts/lens

Lens home base - status, help, and setup

2026-03-020

build

Objective-Arts/lens

Plan and build a new feature with quality gates.

2026-03-020

change

Objective-Arts/lens

Simple changes done right. Make the change, clean up after yourself, report what happened.

2026-03-020

cleanup

Objective-Arts/lens

Review against canons + quality gate, fix findings, verify. Claude-native — no external models.

2026-03-020

improve

Objective-Arts/lens

Plan and improve existing code with quality gates.

2026-03-020

name	codex-scan
description	Read-only code review via Codex. Reports issues without fixing. Independent model perspective.

/codex-scan

Read-only independent code review using OpenAI Codex CLI. Reports issues without making any changes. Provides multi-model triangulation — a different model's perspective on your code.

No arguments? Describe this skill and stop. Do not execute.

Target

If a path argument is provided, review that file/directory. If no argument, review recently modified files (git diff/log). Multiple paths can be provided to scan a set of components.

Process

Step 0: Load Rubric

Read .claude/rubric/AUTO-DETECT.md for the detection table. Then:

Always load: .claude/rubric/base.md and .claude/rubric/product-quality.md
Auto-detect domains: Check target files against the detection table. Load matching domain rubrics (.claude/rubric/web-api.md, .claude/rubric/data-persistence.md, .claude/rubric/cli.md, .claude/rubric/microservice.md).
Extract Review Criteria: From each loaded rubric, collect the numbered items under ## Review Criteria. Combine into a single criteria list for the Codex prompt.

If a rubric file doesn't exist, skip it and continue.

Step 1: Find Code to Review

Find target files:

If path provided, use that
Otherwise, find recently modified files using git diff or git log
Look in: src/, lib/, app/, and project root

If NO code exists, output "no code to review" and stop.

Step 2: Read All Target Code

Read ALL files in scope completely. Do not skim.

Step 3: Call Codex (MANDATORY)

Invoke Codex CLI non-interactively against the target:

cd {TARGET} && codex exec -s read-only -o /tmp/lens-codex-scan.md "PRODUCTION READINESS GATE REVIEW. Score like a senior engineer deciding whether to deploy this to production TODAY. If you wouldn't deploy it, score below 8. Review ALL source code. Score each category 1-10 and cite file:line for every finding.

{RUBRIC_CRITERIA}

SCORING ANCHOR: 8+ = deploy today. 5-6 = needs work. 3-4 = major gaps. CRITICAL = blocks production. HIGH = would cause incidents. Rate overall as min of all category scores." 2>&1

Replace {RUBRIC_CRITERIA} with the combined Review Criteria from all loaded rubric files, numbered sequentially. Example: if base.md has 12 criteria and cli.md has 5, number them (1)-(17).

Note: Test Coverage is handled by the testing phase — do not include it in the rubric criteria.

If codex is not installed, fall back to Step 3b. If it fails for any other reason, log the error and fall back to Step 3b.

Step 3b: Fallback — Pattern Scanner

Run the review-bot.sh script bundled with the codex-review skill:

SKILL_DIR="$(dirname "$(readlink -f workflow-skills/workflow/codex-review/SKILL.md)" 2>/dev/null || echo workflow-skills/workflow/codex-review)"
bash "$SKILL_DIR/review-bot.sh" {TARGET} --run --out /tmp/lens-codex-scan.json

Step 4: Compile Report (DO NOT FIX)

Read /tmp/lens-codex-scan.md (or /tmp/lens-codex-scan.json if fallback was used).

Parse all findings with file:line references. Categorize by:

Security — vulnerabilities, secret leakage, crypto issues
Reliability — cross-filesystem, atomicity, error handling
Operational — UX gaps, CI/CD support, unclear semantics
Architecture — structural issues, coupling, missing abstractions

DO NOT edit any files. Report only.

Step 5: Clean Up

rm -f /tmp/lens-codex-scan.md /tmp/lens-codex-scan.json

Output Format

## Codex Scan: [target]

### Summary

| Metric | Value |
|--------|-------|
| Files scanned | N |
| Total lines | N |
| Overall rating | production-ready / production-leaning / not-production-ready |
| Security issues | N |
| Reliability issues | N |
| Operational issues | N |
| Architecture issues | N |

### Security Issues

1. **[file:line]** — [description]
   - Problem: [what Codex found]
   - Impact: [why it matters]
   - Suggested fix: [how to address]

### Reliability Issues

1. **[file:line]** — [description]
   - Problem: [what Codex found]
   - Suggested fix: [how to address]

### Operational Issues

1. **[file:line]** — [description]
   - Concern: [what Codex found]

### Architecture Issues

1. **[file:line]** — [description]
   - Concern: [what Codex found]

### AI-Generated Antipatterns Detected

- [ ] Over-abstraction (factories/wrappers used once)
- [ ] Defensive checks for impossible cases
- [ ] Reimplementing stdlib
- [ ] Over-commenting obvious code
- [ ] Unnecessary config options
- [ ] Single-use wrapper functions

### Files Reviewed

| File | Lines | Issues |
|------|-------|--------|
| path/to/file.ts | 245 | 2 security, 1 reliability |
| ... | ... | ... |

---
CODEX_RESULT: called - [N] total issues
SCAN_ONLY: no fixes applied

Rules

READ ONLY - Do not edit any files
MUST CALL CODEX - This skill requires the Codex CLI (or falls back to pattern scanner)
COMPLETE - Review all files in scope
ORGANIZE - Group issues by category
ACTIONABLE - Include suggested fixes (but don't apply them)

When to Use

Pre-commit quality check (different perspective from Gemini)
Multi-model triangulation on code quality
Assessing AI-generated code smells
Getting an independent review before PR

Anti-Patterns (Don't Do)

Making any edits to files
Skipping the Codex call
Summarizing without specific line numbers
Hiding or downplaying issues
Applying fixes (use /codex-review for that)