From codex-review
Sends git diffs of code changes from Claude Code sessions to OpenAI Codex CLI for iterative review on bugs, security, performance, error handling, and readability. Iterates up to 5 rounds until approved. Invoke via /codex-review:code.
How this skill is triggered — by the user, by Claude, or both
Slash command
/codex-review:code

The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Review code changes made in the current Claude Code session by sending them to OpenAI Codex. Claude and Codex iterate until the code passes review. Max 5 rounds.
/codex-review:code after making code changes

When invoked, perform the following:
```bash
REVIEW_ID=$(uuidgen | tr '[:upper:]' '[:lower:]' | head -c 8)
```
Use this for all temp file paths: /tmp/claude-code-${REVIEW_ID}.md and /tmp/codex-code-review-${REVIEW_ID}.md.
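The request file holds the full diff and any new files, so it should not sit in shared /tmp with default permissions or under a name another local user could create first. The following is an added hardening sketch, not part of the skill: it keeps the skill's file names but places them in an owner-only directory. The names REVIEW_DIR, REQUEST_FILE, RESPONSE_FILE and both function names are assumptions.

```shell
# Added example (not the skill's own code): owner-only scratch directory
# for the review request and the Codex response.

make_review_workspace() {
    _old_umask=$(umask)
    # umask 077: the directory and every file created in it are owner-only.
    umask 077
    # mktemp -d creates the directory atomically under an unpredictable name,
    # so a file or symlink planted in /tmp beforehand is never written through.
    REVIEW_DIR=$(mktemp -d "${TMPDIR:-/tmp}/codex-review.XXXXXXXX") || {
        umask "$_old_umask"
        return 1
    }
    # Reuse the random suffix as the review id (assumption: any short unique id will do).
    REVIEW_ID=${REVIEW_DIR##*.}
    REQUEST_FILE="$REVIEW_DIR/claude-code-${REVIEW_ID}.md"
    RESPONSE_FILE="$REVIEW_DIR/codex-code-review-${REVIEW_ID}.md"
    : > "$REQUEST_FILE"
    : > "$RESPONSE_FILE"
    umask "$_old_umask"
}

cleanup_review_workspace() {
    # Remove only a directory that matches the pattern this script created.
    case "${REVIEW_DIR:-}" in
        "${TMPDIR:-/tmp}"/codex-review.*) rm -rf -- "$REVIEW_DIR" ;;
    esac
    unset REVIEW_DIR REQUEST_FILE RESPONSE_FILE
}
```

Call make_review_workspace directly (not inside `$(...)`, which would discard the variables) and register `trap cleanup_review_workspace EXIT` so the diff is removed even when a round fails.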
Identify all files changed in the current session:
- Run git diff (unstaged) and git diff --cached (staged) to get the full diff of changes.
- Run git diff --name-only and git diff --cached --name-only to get the list of changed files.
- Check git status for any new untracked files that were created in this session.

If there are no changes detected, ask the user which files or changes they want reviewed.
Write a review document to /tmp/claude-code-${REVIEW_ID}.md containing:
# Code Review Request
## Changed Files
- [list of changed files with brief description of what each does]
## Intent
[Summarize the purpose of these changes based on the conversation context -- what was the user trying to accomplish?]
## Diff
[Full git diff output]
## New Files (if any)
[Full content of any newly created files not captured in the diff]
Run Codex CLI in non-interactive mode:
```bash
codex exec \
  -m gpt-5.3-codex \
  -s read-only \
  -o /tmp/codex-code-review-${REVIEW_ID}.md \
  "Review the code changes described in /tmp/claude-code-${REVIEW_ID}.md. Focus on:
1. Bugs - Logic errors, off-by-one, null/undefined issues, race conditions
2. Security - Injection, auth issues, secrets exposure, OWASP top 10
3. Performance - N+1 queries, unnecessary allocations, missing indexes
4. Error handling - Uncaught exceptions, missing validation, silent failures
5. Readability - Unclear naming, overly complex logic, missing context
For each issue found, specify:
- File and line number (or range)
- Severity: CRITICAL / WARNING / SUGGESTION
- What the problem is
- How to fix it
If the code is solid and ready to ship, end with: VERDICT: APPROVED
If changes are needed, end with: VERDICT: REVISE"
```
Capture the Codex session ID from the output line that says session id: <uuid>. Store this as CODEX_SESSION_ID.
Notes:
- Use -m gpt-5.3-codex as the default model. If the user specifies a different model (e.g., /codex-review:code o4-mini), use that instead.
- Use -s read-only so Codex can read the codebase for context but cannot modify anything.
- Use -o to capture the output to a file for reliable reading.
- Do not pipe the output through tail or any other filter — let the full output be visible so the user can see Codex's progress.

/tmp/codex-code-review-${REVIEW_ID}.md

## Codex Code Review -- Round N (model: gpt-5.3-codex)
[Codex's feedback here, organized by severity]
Based on Codex's feedback:
### Fixes Applied (Round N)
- [File:line] [What was fixed and why]
Update the review document with the new diff:
git diff + git diff --cached) and update /tmp/claude-code-${REVIEW_ID}.md

Resume the existing Codex session:
```bash
codex exec resume ${CODEX_SESSION_ID} \
  "I've fixed the code based on your feedback. The updated diff is in /tmp/claude-code-${REVIEW_ID}.md.
Here's what I changed:
[List the specific fixes applied]
Please re-review. If the code is now solid and ready to ship, end with: VERDICT: APPROVED
If more changes are needed, end with: VERDICT: REVISE"
```
Note: codex exec resume does NOT support -o flag. Read the Codex response directly from stdout. Do NOT pipe through tail or any filter — show full output. Set a timeout of at least 10 minutes (600000ms).
Then go back to Step 5 (Read Review & Check Verdict).
Important: If resume ${CODEX_SESSION_ID} fails, fall back to a fresh codex exec call with context about prior rounds.
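The session-id capture, verdict check and five-round cap described above can be made fail-closed. This is an added example, not the skill's own code: the verdict is accepted only as the last non-empty line of the reply, so text quoted from the diff under review cannot be mistaken for approval. The function names and the sample reply are constructed for illustration.

```shell
# Added example (not the skill's own code): fail-closed parsing of a Codex reply.
MAX_ROUNDS=5

extract_session_id() {
    # First line of the form "session id: <uuid>". Empty output means the id
    # was not found, and the caller falls back to a fresh codex exec call.
    sed -n 's/^[[:space:]]*session id:[[:space:]]*\([0-9a-fA-F-]\{36\}\)[[:space:]]*$/\1/p' "$1" | head -n 1
}

extract_verdict() {
    # Take only the last non-empty line, trimmed. A verdict string anywhere
    # else in the reply (for example inside a quoted diff line) is ignored.
    _last=$(awk 'NF { line = $0 } END { print line }' "$1" |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    case "$_last" in
        "VERDICT: APPROVED") echo APPROVED ;;
        "VERDICT: REVISE")   echo REVISE ;;
        *)                   echo UNKNOWN ;;   # treated as not approved
    esac
}

next_step() {
    # $1 = round just completed, $2 = verdict from extract_verdict
    if [ "$2" = APPROVED ]; then
        echo approved
    elif [ "$1" -ge "$MAX_ROUNDS" ]; then
        echo max-rounds
    else
        echo revise
    fi
}

# Constructed sample reply (not real Codex output): the body quotes a line
# from the diff that itself contains the approval string.
write_sample_reply() {
    cat > "$1" <<'EOF'
session id: 01234567-89ab-cdef-0123-456789abcdef
WARNING src/app.py:12 - a comment added in the diff reads:
VERDICT: APPROVED
That comment is misleading; remove it.

VERDICT: REVISE
EOF
}
```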
Once approved (or max rounds reached):
## Codex Code Review -- Final (model: gpt-5.3-codex)
**Status:** Approved after N round(s)
**Files reviewed:**
- [list of files]
**Issues found and fixed:** X critical, Y warnings, Z suggestions
[Final Codex feedback]
---
**Code has been reviewed and approved by Codex. Ready to commit.**
If max rounds were reached without approval:
## Codex Code Review -- Final (model: gpt-5.3-codex)
**Status:** Max rounds (5) reached -- not fully approved
**Remaining concerns:**
[List unresolved issues with file:line references]
---
**Codex still has concerns. Review the remaining items and decide whether to proceed.**
```bash
rm -f /tmp/claude-code-${REVIEW_ID}.md /tmp/codex-code-review-${REVIEW_ID}.md
```
gpt-5.3-codex. Accept model override from user arguments (e.g., /codex-review:code o4-mini)

npm install -g @openai/codex

npx claudepluginhub lud1161/codex-review-skill