sd0xdev/codex-cli-review
skills/codex-cli-review/SKILL.md
Code review via Codex CLI with full disk access. Use when: deep review needing full codebase read, uncommitted change review. Not for: quick diff review (use codex-code-review), doc review (use doc-review). Output: severity-grouped findings + merge gate.
$ install --global
skillsauthnpx skillsauth add sd0xdev/sd0x-dev-flow codex-cli-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 18, 2026, 4:02 AM64.4s2 files scanned
SKILL.md
- name:
- codex-cli-review
- description:
- Code review via Codex CLI with full disk access. Use when: deep review needing full codebase read, uncommitted change review. Not for: quick diff review (use codex-code-review), doc review (use doc-review). Output: severity-grouped findings + merge gate.
- allowed-tools:
- Bash(bash:*)
- context:
- fork
Codex CLI Review Skill
Trigger
- Keywords: codex cli review, cli review, script review
When to Use
- Need Codex to independently explore the entire project (full disk read)
- Don't need MCP's context persistence feature
- Want to use Codex CLI's native review format
When NOT to Use
- Need iterative review (use
/codex-review-fast --continue) - Need to follow up with Codex (use MCP version)
- Only want to see diff without waiting for Codex exploration (use
/codex-review-fast)
Difference from MCP Version
| Feature | CLI Version (this skill) | MCP Version | | ------------------- | ------------------------ | --------------------- | | Independent explore | Full disk read | Needs explicit instruction | | Context persistence | None | threadId | | Iterative review | Each run independent | --continue | | Format | Codex native format | Custom prompt format | | Execution method | Script invocation | MCP tool invocation |
Workflow
┌─────────────────────────────────────────────────────────────────┐
│ Step 1: Check Changes │
├─────────────────────────────────────────────────────────────────┤
│ git status --porcelain │
│ No changes -> Early exit │
└─────────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────────┐
│ Step 2: Execute Codex CLI │
├─────────────────────────────────────────────────────────────────┤
│ codex review --uncommitted │
│ -c 'sandbox_permissions=["disk-full-read-access"]' │
│ │
│ Codex will independently: │
│ - Read changed files │
│ - Explore related dependencies │
│ - Check existing tests │
│ - Understand project structure │
└─────────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────────┐
│ Step 3: Output Review Results │
├─────────────────────────────────────────────────────────────────┤
│ Codex native format: │
│ - Summary │
│ - Issues (Critical/Major/Minor/Suggestion) │
│ - Recommendations │
└─────────────────────────────────────────────────────────────────┘
Script
bash skills/codex-cli-review/scripts/review.sh [options]
Options
| Parameter | Description |
| ------------------- | -------------------------- |
| --base <branch> | Compare with specified branch |
| --title "<text>" | Set review title |
| --prompt "<text>" | Custom review instructions |
I/O Contract
Input:
- Git working directory with changes
Output:
- Codex review report (stdout)
- Exit code: 0 = success, non-0 = failure
Output
## Codex CLI Review Report
### Findings
#### P0/P1/P2
- [file:line] Issue → Fix recommendation
### Merge Gate
✅ Ready / ⛔ Blocked
Verification
- [ ] Script executes without errors
- [ ] Codex explored the project (file references visible in output)
- [ ] Output includes issue classification
Examples
# Review uncommitted changes
/codex-cli-review
# Compare with main branch
/codex-cli-review --base main
# With title
/codex-cli-review --title "Feature: User Auth"
# Custom review instructions
/codex-cli-review --prompt "Focus on security and performance"
Related
| Command/Skill | Difference |
| ---------------------- | ------------------------------------ |
| /codex-review-fast | MCP version, supports iterative review |
| /codex-review | MCP version, includes lint + build |
| /codex-review-branch | MCP version, reviews entire branch |
Related Skills
sd0xdev/zh-tw
documentation
VerifiedTrustedCommunity
Rewrite the previous reply in Traditional Chinese
147SKILL.mdUpdated Apr 28, 2026
sd0xdev/watch-ci
development
VerifiedTrustedCommunity
Monitor GitHub Actions CI runs until completion. Use when: watching CI after push, checking build status, monitoring PR checks, waiting for CI completion, user says 'watch CI', 'check CI', 'CI status', 'monitor build', or /watch-ci. Not for: pushing code (use push-ci), creating PRs (use create-pr). Output: per-run verdict (pass/fail/timeout).
147SKILL.mdUpdated Apr 28, 2026
sd0xdev/verify
development
VerifiedTrustedCommunity
Verification loop — lint -> typecheck -> unit -> integration -> e2e
147SKILL.mdUpdated Apr 28, 2026
sd0xdev/update-docs
development
VerifiedTrustedCommunity
Research current code state then update corresponding docs, ensuring docs stay in sync with code.
147SKILL.mdUpdated Apr 28, 2026