Skill

code-review

Review code changes for bugs, regressions, security risks, compatibility issues, and missing tests. Use when Codex is asked to review a diff, inspect current changes, prepare PR feedback, or check whether an implementation is safe to merge.

Popularity

Stars

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/forgekit:code-review

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

1. Read project rules: `.codex/rules.md`, `.codex/testing.md`, `.codex/security.md`, `governance/code-ownership-review-governance.md`, `governance/project-management-task-model.md`, code ownership and project task board documents in `.forgekit/docs/` if present, and relevant stack rules only.

Supporting Files

agents/openai.yaml

SKILL.md

59 lines · ~695 tokens

Stats

LanguagePython

Stars1

MaintenanceExcellent

Last CommitJun 15, 2026

Actions

View Source View Plugin View on GitHub View README

Stats

Actions

Code Review

Workflow

Read project rules: .codex/rules.md, .codex/testing.md, .codex/security.md, governance/code-ownership-review-governance.md, governance/project-management-task-model.md, code ownership and project task board documents in .forgekit/docs/ if present, and relevant stack rules only.
Inspect git status and git diff unless the user provided a specific diff.
If changes touch API, database, configuration, deployment, permissions, security, external services, hardware interfaces, Critical ownership areas, or Unknown ownership areas, check whether change impact assessment and owner review exist.
If changes are large, cross-module, migration, refactor, or high-risk work, check whether the large-change protocol was followed:
- governance/ai-engineering-loop.md
- required .forgekit/changes/<id>/ artifacts for the declared risk level
- governance/large-change-execution.md
- exploration report in .forgekit/docs/
- implementation plan in .forgekit/docs/
- staged validation and review notes
Prioritize findings in this order:
- correctness bugs
- behavioral regressions
- security risks
- missing change impact assessment
- missing owner or reviewer confirmation
- data loss or migration risks
- compatibility issues
- missing tests
Cite file paths and line numbers when possible.
Do not lead with style comments unless they cause real risk.

Review Focus

Inputs, validation, null/empty/error paths.
Auth, permissions, secrets, external actions.
Threat model and dependency review requirements for security-sensitive changes.
Database queries, migrations, transactions.
API compatibility and response shape changes.
Change impact assessment for high-impact changes.
Code ownership and required reviewer coverage for Critical or Unknown areas.
Task, Feature, Bug, and version state consistency.
Large-change exploration, implementation plan, staged validation, and session boundaries.
Medium/high risk change artifacts: proposal, tasks, verification, review, and design/ship when high risk.
Async, concurrency, lifecycle, resource cleanup.
Tests that should exist for changed behavior.
Repeated defects that should trigger defect review.
Severe issues that should trigger incident review.

Output

Use this order:

Findings
Open Questions
Test Gaps
Summary

If there are no findings, say so clearly and mention remaining validation risk.

code-review

Popularity

Invocation

Context Preview

Supporting Files

SKILL.md

code-review

Popularity

Invocation

Context Preview

Supporting Files

SKILL.md

Code Review

Workflow

Review Focus

Output

Similar Skills

Code Review

Workflow

Review Focus

Output

Similar Skills