playbook/codex/skills/code-review-workflow/SKILL.md


name: code-review-workflow
description: Structured expert code review for TSL/C++/Python diffs or patches. Triggers: code review, review PR, diff, 评审 (review), 审查 (inspection/review), 安全评审 (security review), 性能评审 (performance review).

Code Review Workflow

When to Use This Skill

  • Review a PR / git diff / patch
  • Pre-merge quality gate (correctness/security/perf/tests)
  • Risky refactor, behavior change, auth/data path changes

Inputs (required)

  • Change set: PR link or git diff ... output (must include context)
  • Goal: expected behavior / acceptance criteria (1-3 sentences)
  • Risk level: low|med|high (default: med)
  • Verification: test commands / repro steps (if unknown, ask first)

Procedure

  1. Triage

    • Identify touched areas, public APIs, behavior changes, data/auth paths
    • Classify risk (blast radius, rollback difficulty)
  2. Correctness

    • Invariants, edge cases, error handling, null/empty, concurrency
    • Backward compatibility (inputs/outputs, wire formats, config)
  3. Security

    • AuthZ/AuthN boundaries, least privilege
    • Input validation, injection surfaces, secrets handling (no secrets in logs; redaction in place)
  4. Maintainability

    • Naming/structure/style aligned with Playbook docs
    • Complexity hotspots, duplication, clarity of intent
  5. Performance

    • Hot paths, algorithmic complexity, allocations/IO, N+1 patterns
  6. Tests & Verification

    • Map changes → tests; identify missing coverage
    • Provide minimal verification plan (commands + expected signals)

Review Standards (Playbook as authority)

  • Commit message: docs/common/commit_message.md
  • TSL: docs/tsl/code_style.md, docs/tsl/naming.md, docs/tsl/toolchain.md
  • C++: docs/cpp/code_style.md, docs/cpp/naming.md, docs/cpp/toolchain.md
  • Python: docs/python/style_guide.md, docs/python/tooling.md, docs/python/configuration.md

Output Contract (stable)

  • Summary: what changed & why
  • Risk: low|med|high + reasoning
  • Blockers: must-fix before merge (with file/line references when possible)
  • Non-blocking: Major / Minor / Nit
  • Questions: missing context / assumptions
  • Suggested verification: exact commands + what success looks like
  • Optional patch: minimal diff-style suggestions (only when unambiguous)
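The triage and security steps of the Procedure, together with the Output Contract, as one runnable sketch. This is an added example, not code from the Playbook or from this skill: it parses a unified diff with the hunk counts (so a removed line beginning with `-- ` is not mistaken for a file header), classifies risk from blast radius and touched auth/data paths, flags injection surfaces and secrets reaching logs on added lines only, and prints the Output Contract skeleton for the reviewer to complete. The sensitive-path pattern, risk thresholds, smell regexes and the sample diff are all constructed assumptions, and the smells are prompts for a human reviewer, not verdicts.

```python
"""Triage helper for the review workflow (added example, assumptions marked)."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Assumed markers of auth/data paths; tune per repository.
SENSITIVE_PATH = re.compile(r"auth|login|session|token|perm|acl|migration|schema|proto|wire", re.I)

# Heuristic smells checked on *added* lines only: (id, regex, message). Assumptions.
SMELLS = [
    ("secret-literal",
     re.compile(r"(?i)(api[_-]?key|secret|password|passwd|token)\s*[:=]\s*['\"][^'\"]{8,}['\"]"),
     "hard-coded credential"),
    ("secret-in-log",
     re.compile(r"(?i)\b(logging\.\w+|logger\.\w+|log\.\w+|print)\s*\(.*(password|passwd|token|secret|authorization)"),
     "sensitive value reaches a log without redaction"),
    ("sql-concat",
     re.compile(r"(?i)(execute|executemany|query)\s*\(.*(['\"]\s*\+\s*\w|\.format\(|%\s*\(|\bf['\"])"),
     "SQL built by string concatenation/formatting (injection surface)"),
    ("shell-true", re.compile(r"shell\s*=\s*True"), "subprocess with shell=True"),
    ("unsafe-yaml", re.compile(r"yaml\.load\((?![^)]*Loader)"), "yaml.load without an explicit safe Loader"),
]


@dataclass
class FileChange:
    path: str
    added: list[tuple[int, str]] = field(default_factory=list)  # (new-file line no, text)
    removed: int = 0


def parse_diff(diff_text: str) -> list[FileChange]:
    """Unified-diff parser driven by the @@ line counts."""
    files, cur, new_ln, old_rem, new_rem = [], None, 0, 0, 0
    for raw in diff_text.splitlines():
        if old_rem <= 0 and new_rem <= 0:            # between hunks: only headers matter
            if raw.startswith("+++ "):
                path = raw[4:].split("\t")[0]
                cur = FileChange(path[2:] if path.startswith("b/") else path)
                files.append(cur)
            elif raw.startswith("@@") and cur is not None:
                m = re.match(r"@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@", raw)
                if m:
                    old_rem = int(m.group(1) or 1)   # lines still expected from the old side
                    new_rem = int(m.group(3) or 1)   # lines still expected from the new side
                    new_ln = int(m.group(2))
            continue
        if raw.startswith("\\"):                     # "\ No newline at end of file"
            continue
        tag, text = raw[:1], raw[1:]
        if tag == "+":
            cur.added.append((new_ln, text))
            new_ln += 1
            new_rem -= 1
        elif tag == "-":
            cur.removed += 1
            old_rem -= 1
        else:                                         # context line counts on both sides
            new_ln += 1
            old_rem -= 1
            new_rem -= 1
    return files


def triage(files: list[FileChange]) -> dict:
    """Step 1: blast radius plus auth/data-path exposure -> low|med|high (thresholds assumed)."""
    added = sum(len(f.added) for f in files)
    removed = sum(f.removed for f in files)
    sensitive = [f.path for f in files if SENSITIVE_PATH.search(f.path)]
    if sensitive or added + removed > 400 or len(files) > 10:
        risk = "high"
    elif added + removed > 100 or len(files) > 3:
        risk = "med"
    else:
        risk = "low"
    return {"files": len(files), "added": added, "removed": removed, "sensitive": sensitive, "risk": risk}


def security_findings(files: list[FileChange]) -> list[dict]:
    """Step 3: injection surfaces and secret handling, reported with file:line for the Blockers list."""
    out = []
    for f in files:
        for ln, text in f.added:
            for sid, rx, msg in SMELLS:
                if rx.search(text):
                    out.append({"file": f.path, "line": ln, "id": sid, "msg": msg})
    return out


def render_report(diff_text: str, goal: str) -> str:
    """Output Contract skeleton; judgement fields are left for the reviewer."""
    files = parse_diff(diff_text)
    t = triage(files)
    blockers = [f"  - {x['file']}:{x['line']} [{x['id']}] {x['msg']}" for x in security_findings(files)]
    return "\n".join([
        f"Summary: {t['files']} file(s), +{t['added']}/-{t['removed']}; goal: {goal}",
        f"Risk: {t['risk']} (auth/data paths: {', '.join(t['sensitive']) or 'none'})",
        "Blockers:", *(blockers or ["  - none flagged by heuristics; read the diff"]),
        "Non-blocking: Major / Minor / Nit (reviewer)",
        "Questions: missing context / assumptions (reviewer)",
        "Suggested verification: exact commands + expected signals (reviewer)",
    ])


# Constructed sample diff for illustration only; not from any real repository.
SAMPLE_DIFF = """\
diff --git a/app/auth/login.py b/app/auth/login.py
--- a/app/auth/login.py
+++ b/app/auth/login.py
@@ -10,4 +10,7 @@ def login(db, user, password):
     row = db.execute("SELECT id FROM users WHERE name = ?", (user,)).fetchone()
+    # TODO remove before merge
+    logger.debug("login attempt user=%s password=%s", user, password)
+    db.execute("UPDATE users SET last_login = now() WHERE name = '" + user + "'")
     if row is None:
-        return None
+        return False
     return row
"""

if __name__ == "__main__":
    print(render_report(SAMPLE_DIFF, "return False instead of None for unknown users"))
```

On the sample diff the report comes out as Risk: high (the path matches the auth pattern) with two Blockers, the password written to a debug log at line 12 and the concatenated SQL at line 13; the parameterized query on the context line is not flagged because only added lines are scanned.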