Critical Code Review
Perform context-aware critical code review with integrated fix execution.
Review Targets
- •Specific file:
src/main.ts - •Branch diff:
main..feature/new-api - •Recent commit:
HEAD~1..HEAD - •Directory:
src/ - •PR:
#123 - •No argument: diff between current branch and base (main/master/develop)
Target Resolution
- •If argument provided: use as review target
- •If no argument:
- •Get current branch:
git branch --show-current - •Find base branch (priority: main, master, develop)
- •Review diff:
git diff <base>...HEAD - •Include unstaged changes
- •Get current branch:
Review Context (Determine First)
- •Project phase: MVP/Development/Production/Refactoring
- •Priority: Performance/Maintainability/Extensibility
- •Tech stack: Languages/Frameworks/Paradigms
- •File type: Backend/Frontend/UI Component/Database/Infrastructure
Review Criteria
🔴 High Priority (Critical)
- •Security risks: SQL/XSS injection, auth flaws, secret exposure
- •Data corruption: Transaction failures, race conditions, improper locking
- •System failure: Unhandled exceptions, resource leaks, infinite loops
🟡 Medium Priority (Design Quality)
- •Type safety & Domain Modeling: Primitive obsession, invalid state representation, missing smart constructors
- •Functional programming violations: Side effects, missing Result types, mutability
- •Design principle deviations: SOLID violations, high coupling, low cohesion
- •Domain model inconsistencies: Misrepresented business rules, ambiguous boundaries
- •Maintainability issues: Untestable design, missing documentation, implicit assumptions
🟢 Low Priority (Improvements)
- •Efficiency: N+1 queries, unnecessary computation, cache opportunities
- •Code quality: Duplication, naming, readability
🎨 UI/Frontend Specific
- •UI state management: Invalid state combinations, missing loading/error states
- •Accessibility: Missing ARIA, keyboard navigation, color-dependent information
- •Responsive design: Hardcoded sizes, mobile support, breakpoint inconsistencies
- •Component boundaries: Props drilling, excessive responsibility
- •UI performance: Unnecessary re-renders, heavy components, missing virtualization
Review Process
- •Perform self review and Codex review in parallel when feasible to reduce latency.
- •Self review: Perform critical review based on criteria above
- •Codex review (required when tool available): Request review via
mcp__codex-cli__codextool with context. If unavailable, explicitly note it. - •Integrate results: Combine self review and Codex review into final issue list
- •Present results: Output in the format below only after Codex review is completed or confirmed unavailable
Heuristic Review Guidance
- •Understand context, intent, and constraints before judging
- •Imagine the code's evolution over the next year
- •Use domain knowledge to validate business logic
- •Look beyond the listed categories and report issues of equivalent severity
Output Format
markdown
### 🔴/🟡/🟢 [Criterion Name] **Issue**: - Location (file:line) - Detailed description **Impact**: - Technical: Bug/Performance degradation/Maintainability - Business: User experience/Development velocity/Cost **Fix**: ```[language] // Specific fix code ```
Output Constraints
- •Issue count: Max 5 by priority (guideline: 🔴2, 🟡2, 🟢1). If critical issues are numerous, adjust upward while keeping prioritization.
- •Specificity: Include file:line, provide code examples
- •Conciseness: Consider CLI display, be clear
- •Practicality: Provide realistic, implementable fixes
Post-Review Fix Flow
After presenting review results, display:
code
## 🔧 Fix Options Execute fixes? (y/n/select) - y: Execute all - n: Exit without fixing - select: Choose items to fix Selection:
Fix Item Organization
markdown
## 🔧 Planned Fixes ### Auto-fix Items (🔴 Critical) 1. [Issue name] - file:line - Issue: [Brief description] - Fix: [What will be changed] ### Items Requiring Confirmation (🟡 Design / 🔵 Other) 2. [Issue name] - file:line - Issue: [Brief description] - Proposed fix: [Suggestion] - Impact scope: [Other file impacts] ### Skip Items (🟢 Suggestions) 3. [Issue name] - file:line (Manual fix recommended)
Ensure every item is numbered so the user can select them easily.
Item Selection (when select)
code
Enter item numbers to fix (comma-separated): Example: 1,2,4
Fix Execution
Fix Validation Criteria
- •Impact scope: Trace dependencies and identify side effects
- •Correctness: Ensure expected behavior is preserved
- •Testability: Ensure the fix can be verified by tests
- •Mathematical verification (when algorithms change): Check complexity, concurrency safety, and invariants
Pre-fix Verification
- •Confirm current file state
- •Verify fix code fits context
- •Consider impacts on other parts
Fix Application
- •Minimal changes: Only changes needed to solve the issue
- •Maintain consistency: Preserve existing code style, naming, indentation
- •Check imports: Add new dependencies appropriately
- •Type consistency: Ensure type integrity
- •Backward compatibility: Clarify impact when behavior/API changes
- •Naming conventions: Follow existing project rules
- •Avoid magic numbers: Prefer named constants with intent
- •Comments for complexity: Add concise comments only when needed
Quality Check
- •Syntax errors: Ensure no syntax errors after fix
- •Logical consistency: Ensure fix doesn't introduce new issues
- •Edge cases: Ensure proper boundary and error handling
- •Performance impact: Ensure no performance degradation
Test Implementation/Update
- •Check existing tests: Identify tests related to fix location
- •Update tests: Update tests that fail due to fix
- •Add new tests: Add regression tests for bug fixes, cover normal/error cases for new features
- •Test-first when feasible: Prefer writing a failing test before applying the fix
Fix Report
markdown
## ✅ Fix Complete Report ### Successful Fixes - ✅ [Issue name] - file:line - Changes: [Actual changes made] ### Failed Fixes - ❌ [Issue name] - file:line - Error: [Failure reason] - Workaround: [Manual fix instructions] ### Next Steps 1. **Run tests (Required)**: Verify all tests pass 2. Run lint/format if defined 3. Run type checks if applicable 4. Provide manual test steps for uncovered flows 5. Confirm changes with `git diff` 6. Check test coverage report 7. Restore with `git checkout -- <file>` if needed
Error Handling
- •Do not apply fixes that fail
- •Partial success is acceptable; report clearly what was applied
- •Report all errors with actionable guidance
Codex Review Integration
When mcp__codex-cli__codex tool is available, request secondary review:
code
Perform critical code review on the following code changes. Focus on: security risks, data integrity, design quality, and maintainability. Provide specific issues with file:line locations and fix suggestions. [Include code diff or file content]
If the tool is unavailable but the Codex CLI is available, use:
code
codex exec -m gpt-codex-5.2 -c reasoning_effort=xhigh "Perform critical code review on the following code changes. [Include diff or file content]"
Integrate Codex findings with self review, removing duplicates and prioritizing by severity.