一键导入
review-plan-security
Codex-primary single-round security review of the implementation plan across three axes before implementation.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Codex-primary single-round security review of the implementation plan across three axes before implementation.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Conduct a decision-tree interview with the user to lock in requirements, motivation, scope, and non-goals before planning.
Stage 3 of three-stage planning pipeline. Produce a file-level implementation plan via detail-planner/detail-reviewer loop, then get user approval. Inputs are confirmed intent (<session-id>-intent.md) and outline (<session-id>-outline.md) from prior stages.
Edit source code for the current task. Delegates editing and lint/typecheck/self-repair to a subagent.
Plan and write test cases with high reasoning effort. Test iteration runs in a subagent to minimize confirmations.
Explore the codebase to understand existing patterns, constraints, and relevant files before planning.
Investigate git history, docs/history.md, and GitHub issue/PR timeline since the relevant issue opened, to surface changes that may invalidate the issue's premises.
| name | review-plan-security |
| description | Codex-primary single-round security review of the implementation plan across three axes before implementation. |
| model | opus |
| effort | medium |
| context | fork |
Review security implications of the implementation plan via Codex (single round, no re-loop).
RPS-1. Resolve <PLANS_DIR> via skills/_shared/resolve-plans-dir.md. Identify <PLANS_DIR>/<session-id>-detail.md. Initialize EXTENSIONS_USED=0.
RPS-2. Invoke "$AGENTS_CONFIG_DIR/skills/review-plan-security/scripts/run-codex-review-loop.sh" (Bash), exporting AGENTS_CONFIG_DIR, SESSION_ID, PLANS_DIR, EXTENSIONS_USED. Pass CTX_SURVEY_CODE, CTX_SURVEY_HISTORY, CTX_CONCERNS_LOG as env vars when available. Exit-code handling (SSOT: skills/_shared/codex-review-loop.md; exit 1 is TERMINAL):
<PLANS_DIR>/<session-id>-security-plan-codex-round-1-raw.md; present concerns with per-axis severity; propose mitigations; stop (no re-loop) → RPS-3.review-loop-summarize-concerns; present summary; stop → RPS-3.plan-security-reviewer subagent; use its verdict for RPS-4.The three security axes (Information Leakage / Third-Party Access / External Access) and their OWASP/CWE references live in the Codex prompt (bin/review-plan-codex) and the plan-security-reviewer fallback agent.
For code-level pattern scanning after implementation, use /review-code-security.