codex-review
Internal phase: independent Codex review + targeted fixes. Not user-facing.
| name | codex-review |
| description | Internal phase: independent Codex review + targeted fixes. Not user-facing. |
Internal pipeline phase. Invokes OpenAI Codex CLI for an independent code review, then applies fixes based on its findings. This provides multi-model triangulation — a different model's perspective after Claude implementation and Gemini review.
This is an internal phase. It is called by the `/build` and `/improve` orchestrators. Do not expose as a user command.
Fix ALL findings for production readiness. Every issue gets fixed. No deferring, no "backlog for next cycle," no "appropriate for MVP."
ALLOWED:
FORBIDDEN:
If a finding seems to require restructuring: fix it anyway by restructuring within the existing file. The only acceptable unfixed items are findings that require adding new external dependencies — report those with a one-line explanation.
Read .claude/rubric/AUTO-DETECT.md for the detection table. Then:
- .claude/rubric/base.md and .claude/rubric/product-quality.md
- .claude/rubric/web-api.md, .claude/rubric/data-persistence.md, .claude/rubric/cli.md, .claude/rubric/microservice.md).
- `## Review Criteria`. Combine into a single criteria list for the Codex prompt.
- .claude/rubric/product-quality.md, collect the Review Criteria for the product quality review in Step 4.

If a rubric file doesn't exist, skip it and continue.
Invoke Codex CLI non-interactively against the target:
```bash
cd {TARGET} && codex exec -s read-only -o /tmp/lens-codex-review.md "PRODUCTION READINESS review. Review ALL source code and cite file:line for every finding.
Check against these criteria:
{RUBRIC_CRITERIA}
SEVERITY:
- CRITICAL: exploitable vulnerability, data loss, crash in production
- HIGH: would cause incidents, missing critical validation
- MEDIUM: poor practice, inconsistent handling, minor gaps
- LOW: style, naming, documentation
OUTPUT FORMAT:
FINDING: {category} | {severity} | {description} | {file:line or N/A}" 2>&1
```
Replace {RUBRIC_CRITERIA} with the combined Review Criteria from all loaded rubric files, numbered sequentially.
Note: Test Coverage is handled by the testing phase — include a single line: "N. Test Coverage: tests exist, edge cases covered, meaningful assertions (handled by testing phase)".
If codex is not installed, fall back to Step 1b. If it fails for any other reason, log the error and fall back to Step 1b.
Run the review-bot.sh script bundled with this skill:
```bash
SKILL_DIR="$(dirname "$(readlink -f .claude/phases/codex-review/SKILL.md)" 2>/dev/null || dirname .claude/phases/codex-review/SKILL.md)"
bash "$SKILL_DIR/review-bot.sh" {TARGET} --run --out /tmp/lens-codex-report.json
```
Read /tmp/lens-codex-review.md (or /tmp/lens-codex-report.json if fallback was used).
For Codex review output, parse all findings with file:line references. Categorize by:
If Codex found no issues and rated the code production-ready, skip to Step 4.
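An added example, not part of the skill or its review-bot.sh: one way to parse the `FINDING:` lines requested in the Codex prompt and order them by severity before fixing. The function names and the sample report are constructed for illustration; lines that do not fit the format are kept as UNPARSED and sorted first rather than dropped.

```shell
#!/usr/bin/env bash
# Added example (not from the skill): order Codex FINDING lines by severity.

# Constructed sample of a review file; real output may mix prose with findings.
sample_report() {
  cat <<'EOF'
Review summary: 5 issues found.
FINDING: Input Validation | MEDIUM | request body size not limited | src/server.ts:88
FINDING: Security | critical | secret compared with == | src/auth.ts:30
FINDING: Error Handling | HIGH | catch logs "a | b" and continues | src/db.ts:55
FINDING: Docs | LOW | README lacks setup steps | N/A
FINDING: Security | SEVERE | token written to log
EOF
}

# Reads a review file ($1, or stdin) and prints tab-separated
# severity, category, location, description, most severe first.
# Lines that do not fit the format are kept as UNPARSED and sorted to the top,
# so a mangled CRITICAL finding is never silently dropped.
parse_findings() {
  awk '
    BEGIN { rank["CRITICAL"]=1; rank["HIGH"]=2; rank["MEDIUM"]=3; rank["LOW"]=4 }
    /^FINDING:/ {
      sub(/^FINDING:[ \t]*/, ""); sub(/[ \t\r]+$/, "")
      n = split($0, f, "[ \t]*[|][ \t]*")
      sev = toupper(f[2])
      if (n < 4 || !(sev in rank)) {
        printf "0\tUNPARSED\t-\t-\t%s\n", $0; next
      }
      # The description may contain "|": rejoin the middle fields.
      desc = f[3]
      for (i = 4; i < n; i++) desc = desc " | " f[i]
      printf "%d\t%s\t%s\t%s\t%s\n", rank[sev], sev, f[1], f[n], desc
    }
  ' "${1:--}" | sort -s -n -k1,1 | cut -f2-
}

# Count findings that must be handled first (UNPARSED, CRITICAL, HIGH).
count_blocking() {
  parse_findings "${1:--}" |
    awk -F'\t' '$1 ~ /^(UNPARSED|CRITICAL|HIGH)$/ { c++ } END { print c + 0 }'
}

sample_report | parse_findings
```

Findings with the same severity keep the order in which they appeared in the review file.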
Work through Codex findings by priority:
Apply every security fix Codex identified. These are non-negotiable.
KEYCHAIN_PASSWORD or similar) for CI/CD

For each fix: read the file, understand context, apply the minimal safe change. Do not rewrite surrounding code.
Review the code as a user, not an engineer. Code review catches bad code. This step catches bad products built with good code.
Walk through each criterion from .claude/rubric/product-quality.md (loaded in Step 0). For each criterion, check the target code and flag violations.
Product quality issues follow the same priority as code issues. Fix them in place using the Scope Constraint rules. If a fix seems to require a new file, restructure within the existing file instead. Every product quality issue gets fixed.
After applying all fixes, produce an evidence checklist. Write to .claude/evidence/ (create directory if needed).
Review EVERY catch block in the codebase. Write to .claude/evidence/codex-7a.md:
# Evidence: Codex 7a — Auth + Failure Paths
| Location | Item | Verdict | Reasoning |
|----------|------|---------|-----------|
| src/auth.ts:30 | catch block re-throws with context | PASS | Preserves error cause chain |
| src/db.ts:55 | catch swallows error silently | FAIL | Empty catch loses error context |
Every row must have a PASS or FAIL verdict. No blanks. The machine gate validates row counts against codebase counters — incomplete checklists block the pipeline.
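An added example, not the pipeline's machine gate: a check that every data row of an evidence table like the one above has four cells, no blanks, and a PASS or FAIL verdict. The function names and the two incomplete sample rows are constructed.

```shell
#!/usr/bin/env bash
# Added example (not the pipeline's machine gate): validate an evidence table.

# Constructed sample: the page's two rows plus two deliberately incomplete rows.
sample_evidence() {
  cat <<'EOF'
# Evidence: constructed sample
| Location | Item | Verdict | Reasoning |
|----------|------|---------|-----------|
| src/auth.ts:30 | catch block re-throws with context | PASS | Preserves error cause chain |
| src/db.ts:55 | catch swallows error silently | FAIL | Empty catch loses error context |
| src/api.ts:12 | catch returns 500 | | Not reviewed yet |
| src/job.ts:7 | catch retries | PASS | |
EOF
}

# Prints one "line N: reason" per bad row, then "rows=<n> fail=<n> invalid=<n>".
# Returns 1 if any row is invalid or the table has no data rows.
check_evidence() {
  awk -F'|' '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    !/^[ \t]*\|/ { next }                     # not a table row
    /^[ \t]*\|[ \t:|-]+$/ { next }            # header separator
    !seen_header { seen_header = 1; next }    # column names
    {
      rows++
      # Leading and trailing "|" give empty $1 and $NF; 4 cells means NF == 6.
      if (NF != 6) { bad++; printf "line %d: expected 4 cells\n", NR; next }
      v = trim($4)
      if (v != "PASS" && v != "FAIL") {
        bad++; printf "line %d: verdict \"%s\"\n", NR, v; next
      }
      if (trim($2) == "" || trim($3) == "" || trim($5) == "") {
        bad++; printf "line %d: blank cell\n", NR; next
      }
      if (v == "FAIL") fail++
    }
    END {
      printf "rows=%d fail=%d invalid=%d\n", rows, fail, bad
      exit (bad > 0 || rows == 0)
    }
  ' "${1:--}"
}

sample_evidence | check_evidence || echo "evidence checklist incomplete"
```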
Run lint and tests:
```bash
npm run lint 2>&1 || true
npm test 2>&1 || true
```
If tests fail due to fixes in this phase, fix the code, not the tests.
```bash
rm -f /tmp/lens-codex-review.md /tmp/lens-codex-report.json
```
Report:
End with: CODEX_REVIEW_COMPLETE