一键导入
review-changes
Code review workflow with severity-ranked findings
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Code review workflow with severity-ranked findings
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | review-changes |
| description | Code review workflow with severity-ranked findings |
/review-changes - Code review workflow
🔴 High - must fix | 🟠 Medium - should fix | 🔵 Low - suggestion
| Mode | Tag | Use | Effort |
|---|---|---|---|
| T1 | [T1:deep] | Reviewer passes (architecture/security/domain) | High |
| T2 | [T2:balanced] | Issue fixes and re-validation | Medium |
| T3 | [T3:quick] | Triage/status only (no approvals/security decisions) | Low |
OpenCode/OpenAI compatibility:
T1/T2/T3 are orchestration modes (effort/risk), not model names.subagent_type="general" for all modes.T1=high, T2=medium, T3=low; otherwise keep one model and enforce mode by prompt depth/evidence.Invocation of /review-changes is treated as explicit approval for read-only git commands in the current repo (git status/diff/log). Do not run git write/destructive operations without separate user confirmation.
Scope (MANDATORY):
/review-changes): Determine scope autonomously in this order:
origin/main, origin/master, main, master) when working tree is cleanHEAD~1..HEAD) when base branch is unavailableHEAD~1 does not exist, use HEAD as scope✅ APPROVED with Actions: none (nothing to review).source, base_branch (if used), commit_range (if used), files_changed.Context (MANDATORY): git status/diff/log, read arch docs
Select personas (MANDATORY) based on changes:
Required (all 25+ yrs):
Additional (all 25+ yrs):
| Change | Specialist |
|---|---|
| Perf | Distinguished Performance Engineer |
| API | Distinguished API Designer |
| DB | Distinguished Data Architect |
| DevOps | Distinguished Platform Engineer |
| UI | Distinguished UX Engineer |
(MANDATORY) [T1:deep] Spawn reviewers immediately via Task tool (no confirmation needed) → each returns findings w/ 🔴🟠🔵 + file:line
Report (MANDATORY):
# Review: {scope}
Scope: source={source}; base_branch={base_branch|n/a}; commit_range={commit_range|n/a}; files_changed={count}
Reviewers: {list}
## Findings
### {Persona}
- 🔴 {issue} file:line
- 🟠 {issue} file:line
## Verdict: ✅ APPROVED | 🔄 CHANGES_NEEDED
## Actions: {list}
Iterate (MANDATORY): If issues exist, immediately delegate fixes to specialized sub-agents:
[T2:balanced] spawn all sub-agents in single message (multiple Task calls)[T2:balanced] spawn sub-agents one at a time, wait for completionApplies to all Task-spawned reviewers/fixers.
🔄 CHANGES_NEEDED and a concrete action list of missing context to supply before re-running.Detect domain from: README, docs/, domain models, variable names, business logic
| Domain | SME |
|---|---|
| Finance/Banking | Distinguished Financial Analyst |
| Trading/Markets | Distinguished Day Trader/Quant |
| Healthcare | Distinguished Clinical/Medical Expert |
| E-commerce | Distinguished Retail/Commerce Expert |
| Legal | Distinguished Legal Expert |
| Logistics | Distinguished Supply Chain Expert |
| Gaming | Distinguished Game Designer |
| EdTech | Distinguished Education Specialist |
Unknown domain: Infer from project context (README, code, docs) → select appropriate SME. Fallback: Distinguished Business Analyst.
SME validates: business rules correct, edge cases handled, domain terminology accurate, regulatory compliance
Interview the user relentlessly about a plan or design. Use when the user wants to stress-test a plan before building, or uses any 'grill' trigger phrases.
Surface deepening opportunities in a codebase — shallow modules, seam leaks, missing locality — and grill through whichever one you pick. Architecture-pattern aware (monolith / distributed / serverless).
Reconcile and validate all documents in the project's docs/ directory
Full-project code audit workflow: audit then fix
Systematic root cause analysis. No fixes without investigation
Principal Engineer persona. Production-first technical judgment