ワンクリックで
workflows-review
Perform exhaustive code reviews using multi-agent analysis and dynamic skill discovery
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Perform exhaustive code reviews using multi-agent analysis and dynamic skill discovery
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Generate clean, minimal technical SVG diagrams in a consistent Cloudflare-inspired style. Use when creating architecture diagrams, flow diagrams, or component diagrams for blog posts and documentation.
Guides creation and improvement of best-practice agent skills following the open format specification. Covers frontmatter, directory structure, progressive disclosure, reference files, rules folders, degrees of freedom, content patterns, executable scripts, MCP tool references, evaluations, cross-model testing, and a ten-dimension audit protocol for existing skills. Use when creating a new skill, authoring SKILL.md, setting up a rules-based audit skill, structuring a skill bundle, writing scripts inside a skill, evaluating a skill, improving or rewriting an existing skill, or asking "how to write a skill", "improve this skill", "audit my skill", or "review this SKILL.md".
Diagnoses Erivault application behavior across product docs, repo code, Cloudflare, Neon Postgres, queues, Durable Objects, R2 assets, AI Gateway, media workflows, browser, and mobile capture state. Use when investigating Erivault bugs, asking "what happened", checking logs, verifying deploys, debugging capture evidence, or designing testable diagnostics.
Design a new product module's full screen set in the Erivault `erivault-web` Paper file, reusing the established design system (tokens, shell, components) and grounded in the module's ADR + implementation plan. Covers researching the existing system, extracting authoritative tokens, planning the state×role×platform matrix, building screens via duplicate-and-adapt, and tying into existing surfaces. Use when designing a new module or surface (tenancies, inspections, renewals, capture, packs...) in Paper, extending the erivault-web design file, building all states/roles for a feature on web and mobile, or when the user says "design the X module", "design a new flow", "design X in the Paper board", "add the screens for X", or "make it consistent with our design system".
View and edit cmux settings in ~/.config/cmux/cmux.json. Use when the user wants to change cmux preferences (appearance, sidebar, notifications, automation, browser, shortcuts), set a value by JSON path, validate the file, open it in an editor, or look up which keys cmux recognizes. Triggers on '/cmux-settings', 'change cmux setting', 'set <something> in cmux', 'cmux config', 'cmux.json', or 'rebind a cmux shortcut'.
Execute work plans efficiently while maintaining quality and finishing features
| name | workflows-review |
| description | Perform exhaustive code reviews using multi-agent analysis and dynamic skill discovery |
When this skill needs user questions, todo/progress tracking, subagents, or another skill, use the active runtime equivalents in RUNTIME_TOOLS.md.
Adhere to the Builder Ethos (ETHOS.md): Boil the Lake, Search Before Building, User Sovereignty.
Perform exhaustive code reviews using multi-agent analysis, dynamic skill/agent discovery, and optional prd.json integration.
gh) installed and authenticated<review_target> $ARGUMENTS </review_target>
Target Detection:
| Input | Type | Action |
|---|---|---|
Numeric (e.g., 123) | PR number | gh pr view 123 --json |
| GitHub URL | PR URL | Extract PR number, fetch metadata |
docs/plans/*/ path | Plan folder | Review against prd.json stories |
| Branch name | Branch | Checkout or worktree |
| Empty | Current branch | Review current branch changes |
Setup Tasks:
git worktree add ../<branch> <branch> (use absolute paths after)gh pr view --json title,body,files,baseRefNameYou MUST discover and run agents. This is not optional. Do not skip agents. Do not rationalize running fewer agents.
Discover Review Agents:
# Core and auxiliary agents by runtime
find ~/.claude/agents -name "*.md" 2>/dev/null
find ~/.codex/agents -name "*.toml" 2>/dev/null
find ~/.config/opencode/agents -name "*.md" 2>/dev/null
# Plugin agents when exposed by the active agent runtime
find ~/.codex/plugins ~/.claude/plugins ~/.config/opencode/plugins -path "*/agents/*" 2>/dev/null
Extract agent metadata:
for agent in $(find ~/.claude/agents ~/.codex/agents ~/.config/opencode/agents ~/.codex/plugins ~/.claude/plugins ~/.config/opencode/plugins -path "*/agents/*" 2>/dev/null); do
name=$(sed -n '/^---$/,/^---$/p' "$agent" | grep "^name:" | cut -d: -f2- | xargs)
[ -z "$name" ] && name=$(grep '^name = ' "$agent" | cut -d= -f2- | tr -d '" ' | xargs)
category=$(dirname "$agent" | xargs basename)
echo "AGENT|$name|$category"
done
Agent sources:
| Source | Agents | Purpose |
|---|---|---|
| Active runtime user agents | security-sentinel, performance-oracle, architecture-strategist, code-simplicity-reviewer, kieran-typescript-reviewer, pattern-recognition-specialist | Core review |
| Active runtime user agents | design-implementation-reviewer, figma-design-sync | UI review |
| Active runtime user agents | git-history-analyzer | Historical context |
| pr-review-toolkit plugin | code-reviewer, silent-failure-hunter, type-design-analyzer, pr-test-analyzer, comment-analyzer | PR-specific review |
| pr-review-toolkit plugin | code-simplifier | Active code simplification |
| code-review plugin | code-review | Active code review |
Simplification Agents - Different Roles:
| Agent | Type | When to Use |
|---|---|---|
code-simplicity-reviewer | Audit | Identifies complexity issues, flags for review |
code-simplifier | Refactor | Actively simplifies code, applies changes |
Use code-simplicity-reviewer during review phase, code-simplifier after implementation for cleanup.
Discover Relevant Skills:
find ~/.agents/skills -name "SKILL.md" 2>/dev/null
find ~/.codex/plugins ~/.claude/plugins ~/.config/opencode/plugins -path "*/skills/*/SKILL.md" 2>/dev/null
Skill Categories for Reviews:
| Skill | Use When PR Contains |
|---|---|
vercel-react-best-practices | React, Next.js components |
vercel-composition-patterns | Component architecture |
emil-design-engineering | UI, forms, accessibility |
web-animation-design | Animations, transitions |
web-design-guidelines | UX, accessibility |
stripe-best-practices | Payment code |
Core Review Agents (always run):
security-sentinel with prompt ("Review these changed files for security vulnerabilities: <changed_files>")performance-oracle with prompt ("Review these changed files for performance issues: <changed_files>")architecture-strategist with prompt ("Review these changed files for architectural concerns: <changed_files>")code-simplicity-reviewer with prompt ("Review these changed files for unnecessary complexity: <changed_files>")pattern-recognition-specialist with prompt ("Review these changed files for anti-patterns: <changed_files>")code-reviewer with prompt ("Review these changed files for code quality issues: <changed_files>")Every single one. No exceptions.
Conditional Agents:
| Condition | Agent | Source |
|---|---|---|
| TypeScript files | kieran-typescript-reviewer | active runtime user agents |
| UI components | design-implementation-reviewer | active runtime user agents |
| New types defined | type-design-analyzer | pr-review-toolkit plugin |
| Error handling code | silent-failure-hunter | pr-review-toolkit plugin |
| Test files | pr-test-analyzer | pr-review-toolkit plugin |
| Comments added | comment-analyzer | pr-review-toolkit plugin |
| Plan folder has breadboard | breadboard-reflection | skill |
If a conditional agent's trigger exists in the changeset, you MUST launch it. Do not skip.
Breadboard-Reflection Agent (when plan folder has breadboard):
Load the /breadboard-reflection skill and run these checks against the implementation:
Research Agent:
Launch subagent `git-history-analyzer`: "Analyze historical context for changed files"
Do NOT move to the next step until every launched agent has returned findings. Collect all results before synthesizing.
For React/Next.js PRs:
skill: vercel-react-best-practices
skill: vercel-composition-patterns
For UI PRs:
skill: emil-design-engineering
skill: web-animation-design
skill: web-design-guidelines
UI Review Checklist (from emil-design-engineering):
prefers-reduced-motion support@media (hover: hover)transition: allDeveloper Perspective:
Operations Perspective:
End User Perspective:
Security Perspective:
Scenario Checklist:
Synthesis Tasks:
Severity Definitions:
| Level | Name | Description | Examples |
|---|---|---|---|
| P1 | Critical | Blocks merge | Security vulnerabilities, data corruption, breaking changes |
| P2 | Important | Should fix | Performance issues, architectural concerns, reliability |
| P3 | Nice-to-have | Enhancements | Code cleanup, minor improvements, docs |
Choose output format based on review target:
If reviewing against a plan folder with prd.json:
{
"stories": [
{
"id": 1,
"title": "...",
"review_findings": [
{
"severity": "P1",
"category": "security",
"agent": "security-sentinel",
"finding": "SQL injection risk in user input",
"file": "src/api/users.ts:42",
"suggestion": "Use parameterized queries"
}
]
}
],
"log": [
{
"timestamp": "2026-02-03T12:00:00Z",
"action": "review",
"agents": ["security-sentinel", "performance-oracle", ...],
"findings_count": { "P1": 2, "P2": 5, "P3": 3 }
}
]
}
Use file-todos skill for structured todo management:
skill: file-todos
File naming:
{id}-pending-{priority}-{description}.md
Examples:
001-pending-p1-sql-injection-vulnerability.md
002-pending-p2-n-plus-one-query.md
003-pending-p3-unused-import.md
Todo structure:
## Review Complete
**Target:** PR #XXX - [Title]
**Branch:** [branch-name]
### Findings Summary
| Severity | Count | Status |
|----------|-------|--------|
| P1 Critical | X | BLOCKS MERGE |
| P2 Important | X | Should fix |
| P3 Nice-to-have | X | Optional |
### Agents Used
**From active runtime user agents:**
- [dynamically list agents that ran]
**From plugins:**
- [dynamically list plugin agents that ran]
### Skills Applied
- [dynamically list skills that were loaded]
### Output
- [ ] prd.json updated with review_findings (if plan folder)
- [ ] Todo files created in todos/ (if PR review)
- [ ] PR comments posted (if requested)
### Next Steps
**If P1 findings exist:**
1. Address all P1 issues before merge
2. Re-run review after fixes
**For all findings:**
1. Triage: `/triage`
2. Fix, validate, ship: `/workflows-finalize`
3. Track progress in todo files or prd.json
~/.claude/agents/*.md
~/.codex/agents/*.toml
~/.config/opencode/agents/*.md
runtime plugin agent paths when exposed
~/.agents/skills/*/SKILL.md
runtime plugin skill paths when exposed
When reviewing a plan folder:
review_findings array/workflows-work can then address findings per-story/workflows-finalize can fix, validate, and ship