Menu
Review against canons + quality gate, fix findings, verify. Claude-native — no external models.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
| name | cleanup |
| description | Review against canons + quality gate, fix findings, verify. Claude-native — no external models. |
Review existing code against canons and the quality gate, fix findings, verify.
No arguments? Describe this skill and stop. Do not execute.
/cleanup is the focused quality pass. The quality gate catches deterministic violations (secrets, injection, async void, naming). Claude catches subjective issues (canon anti-patterns, rubric criteria, design smells). Together they cover both static analysis and expert review — no external models, no MCP servers.
Cost: Gate run + Claude reading/fixing. Minutes.
| Flag | Purpose |
|---|---|
--dry-run | Run gate + review only, show findings, don't fix |
Determine what expertise applies to the target code. Check files in scope:
| Signal | Canon |
|---|---|
.ts, .tsx, tsconfig.json | typescript, javascript |
.js, .jsx, .mjs | javascript |
.cs, *.csproj | csharp-depth |
.java | java |
angular.json, *.component.ts | angular |
.sql files OR SQL strings in source | database |
.css, .scss, .html with components | ui-ux |
*.test.*, *.spec.* | testing patterns |
.md, README | writing, docs |
Load the matching canon SKILL.md files from .claude/canon/. Extract the anti-patterns and core principles sections from each. These become the review criteria.
If .claude/rubric/AUTO-DETECT.md exists, also load matching rubrics for additional criteria.
Combine all extracted principles into {CANON_CRITERIA} — a numbered list of specific things to check.
Run the quality gate against the target:
tsx .claude/scripts/quality-gate.ts {TARGET} 2>&1
If the gate script is not at that path, search for it:
find . -path "*/.claude/scripts/quality-gate.ts" 2>/dev/null | head -1
Parse the output for violations. Each violation becomes a finding with:
shell-injection, async-void, hardcoded-secret)Gate violations are deterministic — they must be fixed.
Read ALL target files with canons loaded. Review against:
{CANON_CRITERIA}.claude/rubric/)Produce findings in the same format:
FINDING: {severity} | {category} | {file:line} | {description} | {suggested fix}
Severity levels:
Combine gate violations and Claude review findings. Deduplicate — if the gate already caught something (e.g., shell injection), don't repeat it from the review.
Sort all findings by severity: CRITICAL → HIGH → MEDIUM → LOW.
If --dry-run was specified, print the findings report and stop here. Do not fix anything.
If zero CRITICAL/HIGH findings and gate passed, print the clean report and stop. Nothing to fix.
Work through findings by priority. For each finding:
CRITICAL — fix all, no exceptions.
HIGH — fix all.
MEDIUM — fix if contained.
LOW — fix if trivial.
ALLOWED:
FORBIDDEN:
Run the quality gate again:
tsx .claude/scripts/quality-gate.ts {TARGET} 2>&1
Gate violations must be zero — deterministic issues must be resolved.
Re-read changed files. Confirm subjective fixes landed correctly. Check for:
Apply fixes for any remaining CRITICAL or HIGH items. Skip remaining MEDIUM/LOW — diminishing returns.
Fix the regression. This takes priority over everything.
Fix if CRITICAL or HIGH. Log MEDIUM/LOW in the report but don't chase them — that's a second /cleanup run if the developer wants it.
npm run lint 2>&1 || true
npm test 2>&1 || true
If tests fail due to fixes, fix the code to pass the existing tests. Do not modify tests to match new code.
## /cleanup Report: {target}
### Gate Violations
| Severity | Count |
|----------|-------|
| Critical | N |
| High | N |
| Medium | N |
| Low | N |
### Review Findings
| Severity | Count |
|----------|-------|
| Critical | N |
| High | N |
| Medium | N |
| Low | N |
### Fixes Applied
| # | Severity | File:Line | What | Canon |
|---|----------|-----------|------|-------|
| 1 | HIGH | src/auth.ts:30 | Added input validation | security-mindset |
| 2 | MEDIUM | src/utils.ts:15 | Inlined single-use wrapper | refactoring |
### Verification
- Gate rerun: {pass | N remaining violations}
- Review recheck: {clean | N remaining findings}
- Regressions: N
- Verdict: {clean | has-remaining | has-regressions}
### Skipped (by design)
- N LOW findings (cosmetic/style)
- N MEDIUM findings (would require new files or deps)
### Test/Lint
- Lint: {pass | N warnings | N errors}
- Tests: {pass | N failures}
CLEANUP_COMPLETE: {N} fixes applied, verified by gate + review
| Situation | Command |
|---|---|
| Existing code needs cleanup | /cleanup src/path |
| One small targeted change | /change |
| Just want to see issues, no fixing | /cleanup --dry-run or /code-scan |
Audit a project against a canon's rules and checklist. Read-only — produces prioritized report without fixing. Works with any canon (nextjs, sql, typescript, etc.).
Lens home base - status, help, and setup
Plan and build a new feature with quality gates.
Simple changes done right. Make the change, clean up after yourself, report what happened.
Plan and improve existing code with quality gates.
13-dimension comprehensive code scanner. Read-only — reports CODE_SCAN_INDEX without making changes. Language-agnostic with rubric augmentation via AUTO-DETECT.md.