// Review changed code against project standards. Checks for missing tests, dead code, type safety, lint issues, and coding conventions. Run after completing any implementation work.
Complete Hindsight documentation for AI agents. Use this to learn about Hindsight architecture, APIs, configuration, and best practices.
Create a new Hindsight-powered subagent with long-term memory. Use when the user wants a specialized agent that learns and remembers across sessions.
Expert memory architect. Understands your application, identifies where memory adds value, and produces an implementation plan with bank config, tag schema, and code.
Store team knowledge, project conventions, and learnings from tasks. Use to remember what works and recall context before new tasks. Connects to Hindsight Cloud. (user)
Store user preferences, learnings from tasks, and procedure outcomes. Use to remember what works and recall context before new tasks. (user)
Store team knowledge, project conventions, and learnings from tasks. Use to remember what works and recall context before new tasks. Connects to a self-hosted Hindsight server. (user)
| name | code-review |
| description | Review changed code against project standards. Checks for missing tests, dead code, type safety, lint issues, and coding conventions. Run after completing any implementation work. |
| user_invocable | true |
Review all changed code against the project's quality standards and coding conventions.
Read and internalize these standards before writing code. The review steps below verify compliance.
NEVER use raw dict types for structured data — this applies to all code, including internal helpers and private functions. If the dict has known keys, it must be a dataclass or Pydantic model:
BaseModel for all data structures passed between functions@dataclass for lightweight internal data containers when Pydantic validation isn't needed@field_validator for type coercion (e.g., ensuring datetimes are timezone-aware)dict.get() patterns - use typed model attributes insteaddict usage is for truly dynamic/unknown keys (e.g., arbitrary metadata, JSON blobs with no fixed schema)# BAD - error-prone dict access
def process(data: dict) -> str:
return data.get("name", "") # No validation, silent failures
# GOOD - typed and validated
class UserData(BaseModel):
name: str
created_at: datetime
@field_validator("created_at", mode="before")
@classmethod
def ensure_tz_aware(cls, v):
if isinstance(v, str):
v = datetime.fromisoformat(v.replace("Z", "+00:00"))
if v.tzinfo is None:
return v.replace(tzinfo=timezone.utc)
return v
def process(data: UserData) -> str:
return data.name # Type-safe, validated at construction
# BAD - no context for future readers
results = await asyncio.gather(*tasks, return_exceptions=True)
# GOOD - explains the non-obvious choice
# Use return_exceptions=True to avoid cancelling sibling tasks on failure.
# Previously we used TaskGroup but it cancelled all tasks when one failed,
# causing partial writes that left orphaned entity links (see #412).
results = await asyncio.gather(*tasks, return_exceptions=True)
origin/main — rebase to ensure a clean base.git log --oneline main..HEAD to list all commits on the branch.origin/main (no stale base).Run git diff --name-only HEAD (unstaged) and git diff --cached --name-only (staged) to get all changed files. If there are no local changes, diff against the base branch using git diff main...HEAD --name-only and git diff main...HEAD to review all commits on the current branch.
./scripts/hooks/lint.sh
Report any failures. Do NOT fix them yourself — just report.
For each changed Python file, check for:
For each changed TypeScript file, check for:
For each changed Python file, check for violations:
dict for structured data — must use Pydantic model or dataclass, even for internal/private functions (only exception: truly dynamic/unknown keys)@field_validator for datetime fields that should be timezone-awareFor each new or significantly changed function/endpoint/class:
Flag any new logic that lacks test coverage.
If any files in hindsight-api-slim/hindsight_api/api/ were changed:
./scripts/generate-openapi.sh)./scripts/generate-clients.sh)hindsight-control-plane/src/app/api/)For each non-trivial change:
If any files in hindsight-integrations/ were added or changed, verify:
tests/ directory with meaningful test files..github/workflows/test.yml for a corresponding test-<name>-integration job. If missing, flag it.VALID_INTEGRATIONS array in scripts/release-integration.sh. If missing, flag it.If any new MCP tools were added or existing tools renamed in hindsight-api-slim/hindsight_api/mcp_tools.py:
_ALL_TOOLS set in mcp_tools.py — must include the new tool nametools_to_register default set in register_mcp_tools() in mcp_tools.py — must include the new tool name_SINGLE_BANK_TOOLS set in hindsight-api-slim/hindsight_api/api/mcp.py — must include the new tool if it is bank-scoped (not a bank-management tool like list_banks/create_bank)MCP_TOOL_GROUPS in hindsight-control-plane/src/components/bank-config-view.tsx — must include the new tool in the appropriate group for the UI tool selectortest_mcp_tools.py) — must be updated to reflect the new countCheck the diff for violations of the standards listed above:
Present a clear summary organized by severity:
Must fix — issues that will break CI or violate hard project rules:
Should fix — issues that hurt code quality:
Note — observations that may or may not need action:
For each finding, include the file path, line number, and a brief explanation.
Do NOT auto-fix any issues. Report all findings and let the user decide what to address. If there are no findings, confirm the code looks good.