kumewata/cc-delegate
config/agents/skills/cc-delegate/SKILL.md
Use when the user wants Codex to ask Claude Code for a second opinion or review on code, docs, diffs, PR changes, or design notes without modifying files. This delegates bounded review-only analysis through the Claude Code CLI (`claude -p`). Do NOT use for implementation or file edits; keep this skill review-only. Trigger especially when the user says ask Claude, ask Claude Code, cc-delegate, Claude review, second opinion from Claude, compare Codex and Claude, or review this diff/document with Claude Code.
tools
Updated May 29, 2026
$ install --global
skillsauthnpx skillsauth add kumewata/dotfiles cc-delegateInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 29, 2026, 7:32 AM125.3s1 file scanned
SKILL.md
- name:
- cc-delegate
- description:
- |
CC Delegate
Delegate review tasks from Codex to Claude Code using claude -p (non-interactive print mode).
Command Pattern
claude -p --permission-mode plan --output-format text --max-turns 4 "<prompt>"
Required flags:
-p/--print- Run Claude Code non-interactively and exit.--permission-mode plan- Keep the session in planning/review mode.
Recommended prompt guard:
Include this in every delegated prompt:
Review only. Do not modify files, create commits, run destructive commands, or perform external side effects. Return findings with file/line references where possible.
Optional flags:
--model <model>- Override model, e.g.sonnetoropus.--max-turns <n>- Raise for larger reviews; keep small for focused checks.--add-dir <path>- Allow Claude Code to inspect another directory.--output-format json- Use when scripting or preserving metadata.--no-session-persistence- Avoid saving a review-only session.
Safety Rules
- Do not use
--dangerously-skip-permissions,--allow-dangerously-skip-permissions, or--permission-mode bypassPermissions. - Do not ask Claude Code to implement, patch, commit, push, install dependencies, or mutate external systems when using this skill.
- Prefer exact files, directories, or git refs in the prompt. Avoid broad "review everything" prompts unless the user asked for a broad review.
- If Claude suggests changes, Codex must inspect and implement any accepted changes itself in the current session.
Code Review
Git diff review
claude -p --permission-mode plan --output-format text --max-turns 4 "Review only. Do not modify files, create commits, run destructive commands, or perform external side effects. Review the current git diff for bugs, regressions, and missing tests. List findings by severity with file/line references where possible."
Focused review
claude -p --permission-mode plan --output-format text --max-turns 4 "Review only. Do not modify files, create commits, run destructive commands, or perform external side effects. Review src/auth.ts specifically for authentication bypasses, token handling bugs, and unsafe error paths. List findings by severity with file/line references where possible."
Multi-file review
claude -p --permission-mode plan --output-format text --max-turns 6 "Review only. Do not modify files, create commits, run destructive commands, or perform external side effects. Review the changes under src/api/ for error handling, input validation, and API consistency. List findings by severity with file/line references where possible."
Document Review
claude -p --permission-mode plan --output-format text --max-turns 4 "Review only. Do not modify files, create commits, run destructive commands, or perform external side effects. Review docs/architecture.md for logical gaps, outdated claims, and unclear assumptions. Return concise findings and open questions."
Execution in Codex
Run claude -p via the shell from the repository root unless the prompt names another directory.
If the target is outside the current repository, either run from that directory or add it explicitly:
claude -p --permission-mode plan --add-dir /path/to/other/repo --output-format text "<review prompt>"
If the command fails because Claude Code is not installed or authenticated, report that and continue locally unless the user asks to install or log in.
Prompt Construction Guidelines
- State review-only scope - Explicitly prohibit edits and side effects.
- Name the target - Files, directories, current diff, staged diff, or base branch.
- State the review criteria - Bugs, security, regressions, tests, clarity, or design risks.
- Request structured output - Findings by severity, with file/line references where possible.
- Keep context bounded - Delegate one coherent review question at a time.
Notes
- Requires Claude Code CLI to be installed and authenticated (
claudeinPATH). claude -pprints the final response to stdout.- Claude Code may use network-backed model access; in sandboxed Codex sessions, approval may be required before execution.
Related Skills
kumewata/waza-eval
tools
VerifiedTrustedCommunity
Use when creating a new skill or making a substantial change to an existing skill and you also need to design, update, or review Waza-based executable evaluations. This includes deciding whether Waza is warranted, mapping `evals.json` cases into Waza tasks, choosing fixtures and graders, selecting a valid model with `waza models --json`, and running a local-first `waza run` workflow. Do NOT use for installing the Waza CLI itself or for general skill-authoring advice that does not involve Waza; use `skill-creator` for skill design and this skill for the Waza execution layer. Trigger especially when the user mentions Waza, `waza run`, `waza models`, executable evals, compare, graders, fixtures, or wants to validate a skill change with model-backed evaluation.
SKILL.mdUpdated Jun 3, 2026
kumewata/airflow
tools
VerifiedTrustedCommunity
Airflow DAG development skill for writing, reviewing, testing, and debugging Apache Airflow workflows. Use whenever the user mentions Airflow, DAGs, tasks, operators, sensors, schedules, retries, catchup, DAG import errors, DAG parse performance, or workflow orchestration in Python. Also use for Amazon MWAA / Managed Workflows for Apache Airflow work, including MWAA DAG deployment, requirements.txt, plugins.zip, aws-mwaa-docker-images, S3 DAG folders, CloudWatch logs, and MWAA-specific dependency or IAM issues.
SKILL.mdUpdated May 17, 2026
kumewata/tone
development
VerifiedTrustedCommunity
Use when the user asks for help drafting a GitHub PR description, a PR review comment, or a Slack post in their own tone (i.e., their personal writing voice). The skill detects the context (formal for PR / review, casual for Slack) and target_type (pr_description, pr_review, slack), drafts the body with an explicit reflection step that avoids verbose, mechanical phrasing, and stages the draft to `~/.local/state/tone/drafts/` via `tone-stage-draft.sh`. The user later runs `/tone-capture <url>` after posting, which pairs the staged draft with the final body to build a corpus for future tone tuning. Trigger especially when the user mentions PR description, PR review comment, Slack post, または「文を書いて」「文面を作って」「自分らしく」「トーン」「tone」.
SKILL.mdUpdated May 1, 2026
kumewata/xlsx
development
VerifiedTrustedCommunity
Use this skill any time a spreadsheet file is the primary input or output. This means any task where the user wants to: open, read, edit, or fix an existing .xlsx, .xlsm, .csv, or .tsv file (e.g., adding columns, computing formulas, formatting, charting, cleaning messy data); create a new spreadsheet from scratch or from other data sources; or convert between tabular file formats. Trigger especially when the user references a spreadsheet file by name or path — even casually (like "the xlsx in my downloads") — and wants something done to it or produced from it. Also trigger for cleaning or restructuring messy tabular data files (malformed rows, misplaced headers, junk data) into proper spreadsheets. The deliverable must be a spreadsheet file. Do NOT trigger when the primary deliverable is a Word document, HTML report, standalone Python script, database pipeline, or Google Sheets API integration, even if tabular data is involved.
SKILL.mdUpdated Apr 27, 2026