Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

lploc94/codex-commit-review

Name: codex-commit-review
Author: lploc94

skill-packs/codex-review/skills/codex-commit-review/SKILL.md

npx skillsauth add lploc94/codex_skill codex-commit-review

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Codex Commit Review

Purpose

Debate committed code quality after committing, before pushing. No code modified -- report + suggest only.

When to Use

After committing code (before push). Modes: staged (pre-commit preview) or last (already-committed).

Prerequisites

Staged: staged changes available (git diff --cached).
Last: recent commits exist.

Runner

RUNNER="{{RUNNER_PATH}}" SKILLS_DIR="{{SKILLS_DIR}}" json_esc() { printf '%s' "$1" | node -e 'let d="";process.stdin.on("data",c=>d+=c);process.stdin.on("end",()=>process.stdout.write(JSON.stringify(d)))'; }

Critical Rules (DO NOT skip)

Stdin: printf '%s' "$PROMPT" | node "$RUNNER" ... -- NEVER echo. JSON via heredoc.
Validate: init output must start with CODEX_SESSION:. start/resume must return valid JSON. CODEX_NOT_FOUND->tell user install codex.
status === "completed" means Codex's turn is done -- NOT that the debate is over. MUST check Loop Decision table.
Loop: Do NOT exit unless consensus or stalemate. No round cap.
Errors: failed->retry once (re-poll 15s). timeout->report partial, suggest lower effort. stalled+recoverable->stop->recovery resume->poll; not recoverable->report partial. Cleanup sequencing: finalize+stop ONLY after recovery resolves.
Cleanup: ALWAYS run finalize + stop, even on failure/timeout.
Runner manages all session state -- NEVER read/write session files manually.
Information barrier: Claude MUST complete independent analysis BEFORE reading Codex output.
NEVER modify code -- report + suggest only.
For detailed error flows -> Read references/protocol.md

Workflow

1. Collect Inputs

Mode: git diff --cached --quiet exit 1=staged, exit 0=last. Effort: <=200 lines=low, 201-1000=medium, >1000=high. Staged: git diff --cached, files changed. Last: git log -n N, clamp N to history, diff. Context discovery: language/framework, linters, test frameworks, CI config.

2. Init + Render + Start (Do NOT poll yet)

Init: node "$RUNNER" init --skill-name codex-commit-review --working-dir "$PWD" Render: template=staged-round1 or last-round1. Placeholders: FILES_CHANGED, DIFF_CONTEXT, USER_REQUEST, SESSION_CONTEXT, PROJECT_CONTEXT, COMMIT_LIST (last only). Start: printf '%s' "$PROMPT" | node "$RUNNER" start "$SESSION_DIR" --effort "$EFFORT"

3. Claude Independent Analysis (BEFORE polling)

INFORMATION BARRIER: MUST NOT read Codex output. Render: template=claude-staged or claude-last. Read diff/code, write FINDING-{N} per references/claude-analysis-template.md. Last mode: Evidence MUST reference SHA+subject. Overall Assessment + Strongest Positions. COMPLETE before Step 4.

4. Poll -> Cross-Analysis -> Resume Loop

Poll + report activities. Parse review.blocks[] (id, title, severity, category, location, problem, evidence) + review.overall_assessment. Fallback: review.raw_markdown. Compare Claude FINDING-{N} vs Codex ISSUE-{N}: Agreement, Disagreement, Claude-only, Codex-only, Same Direction Different Severity. Build response: Agreements, Disagreements, New findings. Claude orchestration is authoritative -- Codex VERDICT is advisory. Render: template=staged-round2+ or last-round2+. Placeholders: SESSION_CONTEXT, PROJECT_CONTEXT, AGREED_POINTS, DISAGREED_POINTS, NEW_FINDINGS, CONTINUE_OR_CONSENSUS_OR_STALEMATE, DIFF_CONTEXT, COMMIT_LIST. Resume + back to Poll.

| # | Condition | Action | |---|-----------|--------| | 1 | Full/Partial Consensus (no severity >= medium disagreements) | EXIT -> step 5 | | 2 | convergence.stalemate === true | EXIT -> step 5 (stalemate) | | 3 | Disagreements severity >= medium remain | CONTINUE -> Cross-Analysis |

5. Completion + Output

Report: Rounds, Verdict, Claude/Codex Findings, Agreed/Disagreed counts, Files Reviewed, FINDING<->ISSUE Mapping, Overall Assessment (Code quality/Security/Test coverage/Maintainability).

6. Finalize + Cleanup

finalize + stop. Always run. (-> references/protocol.md for error handling)

Flavor Text Triggers

SKILL_START, POLL_WAITING, CODEX_RETURNED, THINK_PEER, THINK_AGREE, THINK_DISAGREE, SEND_REBUTTAL, LATE_ROUND, APPROVE_VICTORY, STALEMATE_DRAW, FINAL_SUMMARY

Rules

Safety: NEVER git commit --amend, git rebase, or modify commit history.
Both Claude and Codex are equal peers. For last mode N>1: reference specific commit SHA in Evidence.

lploc94/codex-commit-review

skill-packs/codex-review/skills/codex-commit-review/SKILL.md

Peer debate between Claude Code and Codex on committed code quality. Report + suggest only, no modifications.

67 stars

development

Updated May 27, 2026

$ install --global

skillsauth

npx skillsauth add lploc94/codex_skill codex-commit-review

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 27, 2026, 7:21 AM109.5s4 files scanned

SKILL.md

name:: codex-commit-review
description:: Peer debate between Claude Code and Codex on committed code quality. Report + suggest only, no modifications.

Codex Commit Review

Purpose

Debate committed code quality after committing, before pushing. No code modified -- report + suggest only.

When to Use

After committing code (before push). Modes: staged (pre-commit preview) or last (already-committed).

Prerequisites

Staged: staged changes available (git diff --cached).
Last: recent commits exist.

Runner

Critical Rules (DO NOT skip)

Stdin: printf '%s' "$PROMPT" | node "$RUNNER" ... -- NEVER echo. JSON via heredoc.
Validate: init output must start with CODEX_SESSION:. start/resume must return valid JSON. CODEX_NOT_FOUND->tell user install codex.
status === "completed" means Codex's turn is done -- NOT that the debate is over. MUST check Loop Decision table.
Loop: Do NOT exit unless consensus or stalemate. No round cap.
Errors: failed->retry once (re-poll 15s). timeout->report partial, suggest lower effort. stalled+recoverable->stop->recovery resume->poll; not recoverable->report partial. Cleanup sequencing: finalize+stop ONLY after recovery resolves.
Cleanup: ALWAYS run finalize + stop, even on failure/timeout.
Runner manages all session state -- NEVER read/write session files manually.
Information barrier: Claude MUST complete independent analysis BEFORE reading Codex output.
NEVER modify code -- report + suggest only.
For detailed error flows -> Read references/protocol.md

Workflow

1. Collect Inputs

2. Init + Render + Start (Do NOT poll yet)

3. Claude Independent Analysis (BEFORE polling)

4. Poll -> Cross-Analysis -> Resume Loop

5. Completion + Output

Report: Rounds, Verdict, Claude/Codex Findings, Agreed/Disagreed counts, Files Reviewed, FINDING<->ISSUE Mapping, Overall Assessment (Code quality/Security/Test coverage/Maintainability).

6. Finalize + Cleanup

finalize + stop. Always run. (-> references/protocol.md for error handling)

Flavor Text Triggers

SKILL_START, POLL_WAITING, CODEX_RETURNED, THINK_PEER, THINK_AGREE, THINK_DISAGREE, SEND_REBUTTAL, LATE_ROUND, APPROVE_VICTORY, STALEMATE_DRAW, FINAL_SUMMARY

Rules

Safety: NEVER git commit --amend, git rebase, or modify commit history.
Both Claude and Codex are equal peers. For last mode N>1: reference specific commit SHA in Evidence.

Related Skills

lploc94/codex-think-about

development

VerifiedTrustedCommunity

Peer debate between Claude Code and Codex on any technical question. Both think independently, challenge each other, converge to consensus or explicit disagreement.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-think-about

lploc94/codex-security-review

development

VerifiedTrustedCommunity

Security-focused code review using OWASP Top 10 and CWE patterns. Detects vulnerabilities through adversarial debate.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-security-review

lploc94/codex-pr-review

development

VerifiedTrustedCommunity

Peer debate between Claude Code and Codex on PR quality and merge readiness. No code modifications.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-pr-review

lploc94/codex-plan-review

tools

VerifiedTrustedCommunity

Review/debate plans before implementation between Claude Code and Codex CLI. Can run in plan mode — debates the plan and edits the plan file to fix accepted issues.

67SKILL.mdUpdated May 27, 2026

lploc94/codex-plan-review

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/lploc94/codex_skill.git

# Copy into Claude Code skills folder (global)
cp -r codex_skill/skill-packs/codex-review/skills/codex-commit-review ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

lploc94/codex_skill

67 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT