Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

lambdalisue/code-review-codex

Name: code-review-codex
Author: lambdalisue

home/claude/skills/code-review-codex/SKILL.md

npx skillsauth add lambdalisue/dotfiles code-review-codex

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Arguments

base (optional): Base branch/ref. Auto-detected if omitted.
No args: auto-detect. One arg: treated as base.

Language

User-facing report: Japanese

Principles

Read-only. No nits (style/naming/formatting → /style-review).
Focus: design mistakes, architectural misfit, best practices violations, security holes, codebase inconsistency, rule violations, logic bugs.
Uses codex exec with a review prompt — codex reads the codebase and diff itself.

codex exec CLI usage

CRITICAL: Follow these exact command patterns. Do NOT deviate or experiment.

codex exec --sandbox read-only "PROMPT" 2>&1

codex exec runs non-interactively and prints results to stdout
--sandbox read-only ensures no writes to the repository
The PROMPT tells codex what to review — codex has full access to read the repo and run git commands itself
Do NOT pipe stdin or construct complex shell escapes — just pass a clear prompt string

Workflow

Step 1: Determine review mode and base branch

If base given → use that as {base}.

If no base → auto-detect:

git status --short — any uncommitted changes?
Uncommitted → set {mode} to uncommitted
All committed → detect base: gh pr view --json baseRefName -q .baseRefName 2>/dev/null → fallback to default branch (main/master). Set {base} to detected branch and {mode} to committed.

If {mode} is committed, verify diff is non-empty:

git diff --stat "$(git merge-base {base} HEAD)"

If empty → STOP with "レビュー対象の変更がありません".

Step 2: Collect metadata for report header

Run in parallel:

git diff --name-only "$(git merge-base {base} HEAD)" (or git diff --name-only + git diff --cached --name-only for uncommitted) → count changed files
git log --oneline "$(git merge-base {base} HEAD)..HEAD" (committed mode only) → {log}

Step 3: Run codex exec

Build the prompt and run codex exec:

Committed changes:

codex exec --sandbox read-only "Review the code changes between {base} and HEAD. Focus on: design mistakes, architectural misfit, best practices violations, security holes, logic bugs. Ignore style/naming/formatting nits. Output findings in Japanese." 2>&1

Uncommitted changes:

codex exec --sandbox read-only "Review the uncommitted changes (staged and unstaged). Focus on: design mistakes, architectural misfit, best practices violations, security holes, logic bugs. Ignore style/naming/formatting nits. Output findings in Japanese." 2>&1

Do NOT: retry with different invocations on failure. If the command fails, report the error as-is.

Step 4: Report (Japanese)

Display results:

## コードレビュー結果 (Codex)

{header} | **変更ファイル数**: N

{codex exec output}

Where {header} is:

Committed: **ベース**: \{base}``
Uncommitted: **モード**: 未コミット変更

If codex found no issues, report that clearly.

Begin

Execute from Step 1.

lambdalisue/code-review-codex

home/claude/skills/code-review-codex/SKILL.md

Code review using OpenAI Codex CLI with project context (rules, diff, conventions)

41 stars

tools

Updated Apr 15, 2026

$ install --global

skillsauth

npx skillsauth add lambdalisue/dotfiles code-review-codex

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 15, 2026, 1:18 PM14.1s1 file scanned

SKILL.md

name:: code-review-codex
allowed-tools:: Bash(git diff:*), Bash(git log:*), Bash(git status:*), Bash(git branch:*), Bash(git merge-base:*), Bash(git rev-parse:*), Bash(gh pr:*), Bash(codex exec:*), Bash(wc:*), Read, Glob, Grep
argument-hint:: [base]
description:: Code review using OpenAI Codex CLI with project context (rules, diff, conventions)

Arguments

base (optional): Base branch/ref. Auto-detected if omitted.
No args: auto-detect. One arg: treated as base.

Language

User-facing report: Japanese

Principles

Read-only. No nits (style/naming/formatting → /style-review).
Focus: design mistakes, architectural misfit, best practices violations, security holes, codebase inconsistency, rule violations, logic bugs.
Uses codex exec with a review prompt — codex reads the codebase and diff itself.

codex exec CLI usage

CRITICAL: Follow these exact command patterns. Do NOT deviate or experiment.

codex exec --sandbox read-only "PROMPT" 2>&1

codex exec runs non-interactively and prints results to stdout
--sandbox read-only ensures no writes to the repository
The PROMPT tells codex what to review — codex has full access to read the repo and run git commands itself
Do NOT pipe stdin or construct complex shell escapes — just pass a clear prompt string

Workflow

Step 1: Determine review mode and base branch

If base given → use that as {base}.

If no base → auto-detect:

git status --short — any uncommitted changes?
Uncommitted → set {mode} to uncommitted
All committed → detect base: gh pr view --json baseRefName -q .baseRefName 2>/dev/null → fallback to default branch (main/master). Set {base} to detected branch and {mode} to committed.

If {mode} is committed, verify diff is non-empty:

git diff --stat "$(git merge-base {base} HEAD)"

If empty → STOP with "レビュー対象の変更がありません".

Step 2: Collect metadata for report header

Run in parallel:

git diff --name-only "$(git merge-base {base} HEAD)" (or git diff --name-only + git diff --cached --name-only for uncommitted) → count changed files
git log --oneline "$(git merge-base {base} HEAD)..HEAD" (committed mode only) → {log}

Step 3: Run codex exec

Build the prompt and run codex exec:

Committed changes:

codex exec --sandbox read-only "Review the code changes between {base} and HEAD. Focus on: design mistakes, architectural misfit, best practices violations, security holes, logic bugs. Ignore style/naming/formatting nits. Output findings in Japanese." 2>&1

Uncommitted changes:

codex exec --sandbox read-only "Review the uncommitted changes (staged and unstaged). Focus on: design mistakes, architectural misfit, best practices violations, security holes, logic bugs. Ignore style/naming/formatting nits. Output findings in Japanese." 2>&1

Do NOT: retry with different invocations on failure. If the command fails, report the error as-is.

Step 4: Report (Japanese)

Display results:

## コードレビュー結果 (Codex)

{header} | **変更ファイル数**: N

{codex exec output}

Where {header} is:

Committed: **ベース**: \{base}``
Uncommitted: **モード**: 未コミット変更

If codex found no issues, report that clearly.

Begin

Execute from Step 1.

Related Skills

lambdalisue/pr-update-now

tools

VerifiedTrustedCommunity

Update the title and body of an existing pull request WITHOUT asking for approval

41SKILL.mdUpdated May 30, 2026

lambdalisue/pr-update-now

lambdalisue/pr-create-now

tools

VerifiedTrustedCommunity

Create a pull request with title and body based on commits WITHOUT asking for approval

41SKILL.mdUpdated May 30, 2026

lambdalisue/pr-create-now

lambdalisue/git-commit-staged-now

tools

VerifiedTrustedCommunity

Create a Conventional Commit from already staged changes WITHOUT asking for approval

41SKILL.mdUpdated May 30, 2026

lambdalisue/git-commit-staged-now

lambdalisue/git-commit-staged-fixup-now

tools

VerifiedTrustedCommunity

Map staged changes to existing commits and create fixup commits for autosquash WITHOUT asking for approval

41SKILL.mdUpdated May 30, 2026

lambdalisue/git-commit-staged-fixup-now

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/lambdalisue/dotfiles.git

# Copy into Claude Code skills folder (global)
cp -r dotfiles/home/claude/skills/code-review-codex ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

lambdalisue/dotfiles

41 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT