AgentSkillsCN

codex-reviewer

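Use the OpenAI Codex CLI as a second-opinion reviewer and discourse partner. Applies in the following cases: (1) when the user asks for a "second opinion" or "extra review" on code; (2) when the user wants to cross-check a plan or architecture decision against another model; (3) when the user asks to "run it by Codex" or "ask Codex"; (4) when the user wants an adversarial or red-team review of generated code. Requires the `codex` CLI to be installed and authenticated (run `codex login`).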

SKILL.md
--- frontmatter
name: codex-reviewer
description: >
  Use the OpenAI Codex CLI as a second-opinion reviewer and discourse partner.
  Trigger when: (1) the user asks for a "second opinion" or "extra review" on code,
  (2) the user wants to cross-check a plan or architecture decision against another model,
  (3) the user asks to "run it by Codex" or "ask Codex", or (4) the user wants an
  adversarial or red-team review of generated code. Requires `codex` CLI installed
  and authenticated (`codex login`).

Codex CLI Reviewer

Use the Codex CLI to get a second-opinion review or hold multi-turn discourse with a separate AI agent. This is useful for adversarial review, architecture validation, and catching blind spots.

Available Modes

1. One-shot review (codex review)

Best for: quick code review of a file or diff.

bash
codex review <file_or_directory>

Runs a non-interactive code review. Use for fast second opinions without back-and-forth.

2. One-shot exec (codex exec)

Best for: asking a single focused question or getting a single analysis.

bash
# Template ends in X's so mktemp substitutes them on both GNU and BSD/macOS
RESULT_FILE=$(mktemp /tmp/codex-result-XXXXXX)
# Run in background so user sees streaming output; read clean result from -o file
codex exec -s read-only -m gpt-5.3-codex -o "$RESULT_FILE" \
  "Review this function for edge cases: $(cat path/to/file.py)"

Then read $RESULT_FILE with the Read tool to get the clean result.

Key flags:

  • -m gpt-5.3-codex — use this model (required for this account)
  • -o <file> — write only the final analysis to a file (avoids verbose intermediate output)
  • --full-auto — let Codex run commands without approval (sandboxed)
  • -s read-only — read-only sandbox (safe default for review tasks)

IMPORTANT: Always use -o <file> and run the Bash command with run_in_background: true. This lets the user see Codex's verbose progress streaming in their terminal, while keeping the intermediate output out of your context. When the command completes, use the Read tool on the result file to get only the final agent message.

3. Multi-turn discourse (session resume)

For extended back-and-forth (architecture debate, iterative refinement), use session IDs to maintain context across codex exec calls.

Every codex exec call outputs a session ID in its header:

code
session id: 019c2ed2-139e-7582-b9f1-50411c04ab08

Parse and track this ID to resume the conversation.

Session resume syntax

bash
# Resume a specific session:
codex exec "YOUR_FOLLOWUP_PROMPT" resume <session_id>

# Resume the most recent session:
codex exec "YOUR_FOLLOWUP_PROMPT" resume --last

Programmatic multi-turn pattern

bash
# Templates end in X's so mktemp substitutes them on both GNU and BSD/macOS
RESULT_FILE=$(mktemp /tmp/codex-result-XXXXXX)

# Round 1: Initial review — tee stderr to capture session ID while user watches
STDERR_FILE=$(mktemp /tmp/codex-stderr-XXXXXX)
codex exec -C /path/to/repo -s read-only -m gpt-5.3-codex \
  -o "$RESULT_FILE" \
  "Review src/auth/login.py for security issues" 2> >(tee "$STDERR_FILE" >&2)
# Take the first matching line only, so SESSION_ID is always a single token
SESSION_ID=$(awk '/session id:/ {print $NF; exit}' "$STDERR_FILE")
# Read $RESULT_FILE with the Read tool

# Round 2: Follow up within the same session (Codex retains full context)
codex exec -m gpt-5.3-codex -o "$RESULT_FILE" \
  "Now suggest concrete fixes for each issue you found" \
  resume "$SESSION_ID"
# Read $RESULT_FILE with the Read tool

# Round 3: Adversarial check, still in same session
codex exec -m gpt-5.3-codex -o "$RESULT_FILE" \
  "Play devil's advocate — what could still go wrong?" \
  resume "$SESSION_ID"
# Read $RESULT_FILE with the Read tool

Key advantage: When resuming a session, Codex retains the full prior conversation context. No need to re-send file contents or prior output. Just send the new prompt.

Managing multiple sessions

When running parallel reviews (e.g. reviewing auth AND database modules simultaneously), track session IDs in variables:

bash
# Start two independent review tracks; each gets its own session ID.
# Same read-only sandbox and model flags as the other examples.
AUTH_OUT=$(codex exec -C /repo -s read-only -m gpt-5.3-codex "Review src/auth/ for security" 2>&1)
AUTH_SESSION=$(printf '%s\n' "$AUTH_OUT" | awk '/session id:/ {print $NF; exit}')

DB_OUT=$(codex exec -C /repo -s read-only -m gpt-5.3-codex "Review src/db/ for query safety" 2>&1)
DB_SESSION=$(printf '%s\n' "$DB_OUT" | awk '/session id:/ {print $NF; exit}')

# Follow up on each independently
codex exec -m gpt-5.3-codex "Prioritize the issues by severity" resume "$AUTH_SESSION"
codex exec -m gpt-5.3-codex "Are there any SQL injection vectors?" resume "$DB_SESSION"
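
The session-ID parsing used in the multi-turn and multi-session patterns above, hardened as an added example (not part of the original skill). It assumes the header line has the `session id: <UUID>` shape shown earlier; `extract_session_id` and the sample logs are hypothetical and constructed for illustration.

```bash
# Added example, not part of the skill: extract the session ID from captured
# Codex output and reject anything that is not UUID-shaped.

# extract_session_id FILE -> prints the ID; non-zero if absent or malformed.
extract_session_id() {
  # Use only the FIRST header-style line. With 2>&1 capture, later lines can
  # be model output or quoted file content that also says "session id:".
  sid=$(awk '/^[ \t]*session id:[ \t]/ { print $NF; exit }' "$1") || return 1
  # Validate before the value is placed on a `resume` command line.
  printf '%s\n' "$sid" |
    grep -Eqx '[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}' || return 1
  printf '%s\n' "$sid"
}

# Constructed sample: header line in the shape shown on the page, followed by
# review text that quotes a look-alike line from the file under review.
write_sample_log() {
  cat > "$1" <<'EOF'
[constructed log, not real Codex output]
session id: 019c2ed2-139e-7582-b9f1-50411c04ab08
Finding 1: docs/notes.txt contains the line
session id: abc123
EOF
}

# Constructed sample: a failed run whose only match is not a UUID.
write_bad_log() {
  cat > "$1" <<'EOF'
[constructed log, not real Codex output]
session id: unavailable
EOF
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
write_sample_log "$demo_dir/ok.log"
write_bad_log "$demo_dir/bad.log"

if SESSION_ID=$(extract_session_id "$demo_dir/ok.log"); then
  echo "resume with: $SESSION_ID"
fi
extract_session_id "$demo_dir/bad.log" ||
  echo "no valid session ID in bad.log; start a new session instead"
```

On the first sample, an unanchored `grep 'session id:'` matches two lines, so the variable passed to `resume` would hold two tokens; the function returns only the header value.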

Workflow

  1. Determine scope — what files/decisions need review.
  2. Choose mode:
    • Quick file review → codex review
    • Single focused question → codex exec
    • Extended debate → codex exec with session resume
  3. Run the review and capture output + session ID.
  4. Iterate if needed — resume the session with follow-up questions.
  5. Synthesize — present the user with a unified summary: areas of agreement, disagreements, and actionable recommendations.
  6. Act on findings — if the user agrees, apply suggested changes.

Tips

  • Always use -m gpt-5.3-codex — this is the strongest model available on this account.
  • Always use -o <file> to capture the final message cleanly. Read the file instead of stdout.
  • Use -s read-only for review tasks (safe default; Codex can read but not modify).
  • For large repos, point Codex at specific directories or files rather than the whole tree.
  • Always extract and store the session ID if there's any chance of follow-up.
  • resume --last is convenient for single-track reviews; use explicit session IDs when running parallel reviews.
  • Wrap Codex output in a clear "Second Opinion" heading when presenting to the user so it's obvious which feedback comes from which model.