一键导入
ce-review
Review recent code changes for bugs, regressions, product fit, conventions, performance, security, and blast radius.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Review recent code changes for bugs, regressions, product fit, conventions, performance, security, and blast radius.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | ce-review |
| description | Review recent code changes for bugs, regressions, product fit, conventions, performance, security, and blast radius. |
| argument-hint | [quick|deep] [mode:* ignored] [base:<ref>] [plan:<path>] [PR number, PR URL, branch name, or blank for current branch] |
Review the current changeset like a senior engineer who cares about product outcome and code taste. The goal is not maximum findings. The goal is to help the user ship a clean, correct, elegant implementation.
This skill is review-only. It never edits files, commits, pushes, opens PRs, files tickets, writes run artifacts, or applies fixes. If the user wants fixes after the review, handle that as a separate task.
ce-review is a work-review skill. Use it after implementation exists as a
branch, PR, or local diff. It may read a plan via plan:<path> for intent, but
the review target is still the changed work.
Do not use ce-review to review requirements docs, plans, PRDs, or kickoff
docs. Use document-review for those artifacts.
code-taste for TypeScript, React, helper-boundary, effect, test-shape,
and maintainability smells when those concerns are relevant to the diff.Do not do any of these:
Before substantive review, establish that the changeset is reviewable.
Parse arguments before resolving the target:
quick means run the passes in the parent agent and keep the report short.deep means prefer thoroughness over speed: use context-building and
specialist reviewers more readily, inspect relevant callers/importers for
changed contracts, and run every applicable pass even when the diff is small.
If both quick and deep are present, prefer deep and note the conflict.mode:* tokens are legacy caller flags. Strip and ignore them before target
resolution; do not treat values such as mode:agent, mode:headless, or
mode:autofix as PRs, branches, paths, or review targets.base:<ref> selects the diff base for the current checkout.plan:<path> is an optional intent source; read it for requirements context when it exists.base:<ref> means review the current checkout against that base. Use git merge-base HEAD <ref> when possible; otherwise use <ref> directly. Mark the target as current-checkout.gh pr view and gh pr diff --color=never when available. Mark the target as remote-readonly.HEAD or the current branch name), mark the target as current-checkout; otherwise prefer an open PR for the branch when one exists, or diff the resolved branch ref against the default branch, and mark the target as remote-readonly.current-checkout.AGENTS.md and CLAUDE.md ancestors.When command output is unavailable, continue with the closest reliable source and state the limitation in the review.
Write a two- or three-line intent summary before judging the code.
Use the conversation, branch name, commit messages, PR title/body, linked issue text, plan snippets, and the diff itself. If intent is uncertain, say what you inferred and review against that inferred contract.
The intent summary should answer:
Read changed files in full when they are reasonably sized. Use the diff to distinguish new or modified behavior from existing code.
For exported functions, public components, API handlers, hooks, schemas, commands, or shared utilities, inspect the nearest callers/importers when the changed contract may affect them.
Do not let caller spelunking become an unrelated repo audit. Follow blast radius only as far as needed to decide whether this change is correct.
When intent, conventions, or a historical decision remains unclear after
reading the diff and live files, use qmd-knowledge-base. Keep the current diff,
working tree, and tests as the review's implementation evidence.
When the review starts cold — a standalone diff or PR with no context built upstream this session — use a RepoPromptCE context_builder review-mode pass (see the repoprompt skill) to map blast radius and cross-module impact independently. Within a session that already ran brainstorm, plan, or work, reuse that context instead of rebuilding it. Fold the result into the main review; do not mechanically forward findings that lack file/line evidence.
In deep mode, use the context-builder for any non-trivial diff unless enough
equivalent context is already loaded. Inspect callers/importers for changed
contracts more aggressively, but keep the search tied to real behavior,
ownership boundaries, public APIs, shared state, or test fixtures touched by the
change.
For small changes, run these passes yourself. For medium or large changes, use parallel read-only sub-agents when the platform supports them, one pass per agent. If sub-agents are unavailable, run the passes sequentially.
In deep mode, bias toward parallel specialist reviewers for all applicable
passes, including small diffs with subtle state, data-flow, contract, security,
performance, or test-proof risk. Deep mode should increase scrutiny and caller
coverage; it should not lower the evidence bar or add speculative findings.
Each pass returns at most five findings, ranked by impact. A pass with no issues says No issues.
Every pass uses this shared bar:
For medium or large reviews, and for deep reviews, delegate the context-heavy
passes to existing reviewer agents instead of loading every lens into the parent
thread. The parent keeps review intent, severity, deduplication, and final
verdict ownership.
Dispatch the smallest useful set:
correctness-reviewer for product intent, logic, state transitions, async
ordering, error propagation, and edge cases.maintainability-reviewer for traceability, data flow, coupling, naming,
abstraction debt, and broad code-shape concerns.code-simplicity-reviewer when the implementation looks over-built, includes
scaffolding, or needs a final minimalism pass.project-standards-reviewer for AGENTS.md/CLAUDE.md and local instruction
compliance.testing-reviewer for changed-code test gaps, weak assertions, brittle
tests, and missing proof.react-test-architect only when the review needs a broader React test
strategy, suite reshaping, or CI test-performance assessment.kieran-typescript-reviewer for TypeScript diffs where type safety,
compile-time contracts, casts, nullability, helper boundaries, or TS-specific
maintainability are material.kieran-python-reviewer for Python diffs.api-contract-reviewer for API routes, request/response schemas,
serialization, versioning, exported type signatures, and public contracts.reliability-reviewer for retries, timeouts, async handlers, background jobs,
health checks, circuit breakers, and failure modes.performance-reviewer for query shapes, caching, I/O volume, hot paths,
loops over large data, bundle impact, or frequently rendered UI.previous-comments-reviewer when an open PR has prior review comments or
review threads.julik-frontend-races-reviewer for JavaScript, Stimulus, Turbo, DOM
lifecycle, or timing-sensitive frontend diffs.architecture-strategist when the diff changes boundaries, service shape,
shared interfaces, module layering, or architectural direction.design-implementation-reviewer when the task includes matching a Figma
design or visual implementation fidelity.adversarial-reviewer for large or high-risk diffs where constructing
failure scenarios is likely to find issues the normal passes miss.Do not dispatch an agent solely because it exists. If a concern is small enough to evaluate in the parent context, run it inline. If an agent returns findings, deduplicate and re-check them against this skill's evidence bar before including them in the final review.
Ask whether the implementation actually satisfies the intended product contract.
Look for:
If the code is clean but solves the wrong problem, that is a must-fix.
Ask whether a reader can follow what the code does without holding the whole system in their head.
Look for:
Prefer explicit dependencies and flat data flow. Do not demand extraction for its own sake.
Ask whether less code would do the same thing just as clearly.
Look for:
This is the taste pass. It should improve the shape of the implementation, not make it clever.
For UI diffs, include the frontend-design taste bar: the implementation should
match the existing system, expose expected states, avoid generic AI chrome, and
prove the rendered surface when a route, story, or preview exists.
Read the governing AGENTS.md and CLAUDE.md files. Check only rules relevant to the changed files.
Look for:
any, non-null assertions, weakened tests, or broad castsProject conventions are evidence, not bureaucracy. If the local pattern is bad but entrenched, name the tradeoff instead of blindly enforcing it.
Ask whether the changed contract is proven at the lowest meaningful seam.
Look for:
Do not demand tests for pure formatting or non-behavioral churn. Do not treat passing commands as product proof when the product surface still needs checking.
Run this pass proportionally. It is not a license to invent scale concerns.
Look for:
Flag only when the cost is likely to matter for this product surface.
Run this pass on real trust boundaries, not every line of code.
When the diff touches a boundary, first map what crosses it: external inputs, auth/authz decisions, persistence or session state, external calls, and any crypto, secrets, or private data.
Look for:
Before reporting a finding, check whether the local owner already validates, guards, escapes, or tests that path. Report the real gap, not the checklist item.
If the diff does not touch a trust boundary, this pass should usually have no findings.
Ask whether changed public behavior has affected callers.
Early exit when no exported symbol, API shape, schema, shared state, public component contract, config default, or externally observable behavior changed.
Otherwise inspect likely callers/importers and look for:
Do not turn this into a production-support checklist. Stay tied to changed contracts.
Collect findings from the passes, deduplicate them, and drop anything that does not meet the bar.
Severity:
must-fix - correctness, security, data integrity, or product-contract issue that should block shippingshould-fix - meaningful maintainability, traceability, test, performance, or convention issue worth fixing before review/mergenit - small style or cleanup issue that is safe to ignoreVerdict:
Ship it - no findings, or only ignorable nitsMinor nits - only nits remainNeeds changes - any should-fix or one contained must-fixRethink approach - multiple must-fix findings, or one must-fix that undermines the core designStart with findings. Keep the report dense and useful.
Use this shape:
## Findings
### must-fix
| File | Issue | Fix |
| --- | --- | --- |
| `path/file.ts:42` | The changed resolver drops saved filters when the URL has no tab param. | Preserve the existing tab state before applying URL defaults. |
### should-fix
| File | Issue | Fix |
| --- | --- | --- |
| `path/file.ts:88` | The helper takes the whole chart but only reads `dateMode`. | Pass `dateMode` directly so the dependency is honest. |
## Verdict
Needs changes.
## Checks
- Typecheck: passed
- Touched tests: not run - no focused test command found
- Browser proof: not applicable
Rules:
No findings. clearly.Before delivering, re-read every finding and ask:
Drop anything that fails those questions.
After the verdict, recommend what to run next and fire it — do not end on a bare report. The menu is gated by the verdict, not a fixed list: show only the options that fit, mark the recommended one, and renumber so options stay contiguous from 1.
Use the platform's blocking question tool (AskUserQuestion in Claude Code, request_user_input in Codex, ask_user in Gemini, ask_user in Pi (requires the pi-ask-user extension)). In Claude Code, call ToolSearch with select:AskUserQuestion first if its schema isn't loaded — a pending schema load is not a reason to fall back. Fall back to a numbered chat list ("Pick a number or describe what you want.") only when no blocking tool exists or the call errors. Never end the turn without collecting a response. Act on the selection — invoke the routed skill via the platform's skill primitive — do not merely name it.
Before offering routes, check the target marker from Step 0. Mutating or
current-checkout routes (git-commit-push-pr, git-commit, ce-work,
ce-debug, ce-simplify-code, or any apply/fix workflow) are visible only when
the reviewed target is current-checkout.
If the reviewed target is remote-readonly, render only non-mutating options or
guidance. Do not invoke an apply or shipping skill against the local checkout:
Ship it / Minor nits: state that the reviewed PR or branch appears
shippable from the review evidence, and tell the user to check out that target
before asking for commits or fixes.Needs changes: provide a concise review response or fix list tied to the
remote diff, and tell the user to check out the target branch before applying
changes.Rethink approach: summarize the planning concern and recommend a planning
pass after the target branch is checked out.For current-checkout targets, gate the options on the verdict:
Ship it / Minor nits: git-commit-push-pr to ship (recommended), or git-commit for a local commit only. Add ce-simplify-code only when nits worth cleaning remain.Needs changes: ce-work to address the findings (recommended), or ce-debug when the findings are bugs, regressions, or failing tests. After the fix lands, re-review the changed surface.Rethink approach: ce-plan to rework the approach (recommended), or ce-brainstorm / ce-grill when the product framing itself is in question, not just the implementation. Offer ce-work only for any contained finding safe to fix in place.Always include a Done for now option that ends the turn without follow-up work.
Sub-step guard: When another skill invoked this as a sub-step (e.g., ce-work owns the finish), skip the menu — return the verdict and findings and let the caller route. Present the menu only when this skill owns the turn's endpoint.
This skill is review-only — routing to ce-work or ce-debug is the apply path; never apply fixes from here.
Normalize a consequential or ambiguous request when missing context, boundaries, or proof could materially change the work. Explicit invocation previews the improved prompt.
Explore requirements and approaches through collaborative dialogue, then write a right-sized requirements document. Use when the user says "let's brainstorm", "what should we build", or "help me think through X", presents a vague or ambitious feature request, or seems unsure about scope or direction -- even without explicitly asking to brainstorm.
Find root causes and fix bugs. Use for errors, failing tests, issue repros, stack traces, "debug this", or "why is this failing".
Create structured plans for multi-step tasks once the goal is clear enough to plan. Use after ce-brainstorm or ce-grill, or directly for clear planning requests. If the request has branchy product/scope ambiguity, run ce-grill first. After markdown plans, document-review runs before handoff.
Execute implementation work with a compact product-contract loop. Use when the user asks to build, fix, implement, polish, or finish a scoped task. Favor reasoning, prior art, smallest correct changes, focused tests, and real-surface proof. Do not run autonomous PR, CI, ticket, or residual-work pipelines.
Route project knowledge searches to relevant collections on this machine and classify evidence authority. Use for non-trivial framing and planning or when implementation intent, ownership, conventions, expected behavior, or history are unclear; skip exact grounded work. Delegate query and retrieval mechanics to the qmd skill.