--- name: "gsd-code-review" description: "Review source files changed during a phase for bugs, security issues, and code quality problems" metadata: short-description: "Review source files changed during a phase for bugs, security issues, and code quality problems" --- ## A. Skill Invocation - This skill is invoked by mentioning `$gsd-code-review`. - Treat all user text after `$gsd-code-review` as `{{GSD_ARGS}}`. - If no arguments are present, treat `{{GSD_ARGS}}` as empty. ## B. AskUserQuestion → request_user_input Mapping GSD workflows use `AskUserQuestion` (Claude Code syntax). Translate to Codex `request_user_input`: Parameter mapping: - `header` → `header` - `question` → `question` - Options formatted as `"Label" — description` → `{label: "Label", description: "description"}` - Generate `id` from header: lowercase, replace spaces with underscores Batched calls: - `AskUserQuestion([q1, q2])` → single `request_user_input` with multiple entries in `questions[]` Multi-select workaround: - Codex has no `multiSelect`. Use sequential single-selects, or present a numbered freeform list asking the user to enter comma-separated numbers. Execute mode fallback: - When `request_user_input` is rejected (Execute mode), present a plain-text numbered list and pick a reasonable default. ## C. Task() → spawn_agent Mapping GSD workflows use `Task(...)` (Claude Code syntax). Translate to Codex collaboration tools: Direct mapping: - `Task(subagent_type="X", prompt="Y")` → `spawn_agent(agent_type="X", message="Y")` - `Task(model="...")` → omit (Codex uses per-role config, not inline model selection) - `fork_context: false` by default — GSD agents load their own context via `` blocks Parallel fan-out: - Spawn multiple agents → collect agent IDs → `wait(ids)` for all to complete Result parsing: - Look for structured markers in agent output: `CHECKPOINT`, `PLAN COMPLETE`, `SUMMARY`, etc. - `close_agent(id)` after collecting results from each agent Review source files changed during a phase for bugs, security vulnerabilities, and code quality problems. Spawns the gsd-code-reviewer agent to analyze code at the specified depth level. Produces REVIEW.md artifact in the phase directory with severity-classified findings. Arguments: - Phase number (required) — which phase's changes to review (e.g., "2" or "02") - `--depth=quick|standard|deep` (optional) — review depth level, overrides workflow.code_review_depth config - quick: Pattern-matching only (~2 min) - standard: Per-file analysis with language-specific checks (~5-15 min, default) - deep: Cross-file analysis including import graphs and call chains (~15-30 min) - `--files file1,file2,...` (optional) — explicit comma-separated file list, skips SUMMARY/git scoping (highest precedence for scoping) Output: {padded_phase}-REVIEW.md in phase directory + inline summary of findings @C:/Users/rahul/Desktop/specforge/.codex/get-shit-done/workflows/code-review.md Phase: {{GSD_ARGS}} (first positional argument is phase number) Optional flags parsed from {{GSD_ARGS}}: - `--depth=VALUE` — Depth override (quick|standard|deep). If provided, overrides workflow.code_review_depth config. - `--files=file1,file2,...` — Explicit file list override. Has highest precedence for file scoping per D-08. When provided, workflow skips SUMMARY.md extraction and git diff fallback entirely. Context files (AGENTS.md, SUMMARY.md, phase state) are resolved inside the workflow via `gsd-sdk query init.phase-op` and delegated to agent via `` blocks. This command is a thin dispatch layer. It parses arguments and delegates to the workflow. Execute the code-review workflow from @C:/Users/rahul/Desktop/specforge/.codex/get-shit-done/workflows/code-review.md end-to-end. The workflow (not this command) enforces these gates: - Phase validation (before config gate) - Config gate check (workflow.code_review) - File scoping (--files override > SUMMARY.md > git diff fallback) - Empty scope check (skip if no files) - Agent spawning (gsd-code-reviewer) - Result presentation (inline summary + next steps)