feat: migrate all codex team skills from spawn_agents_on_csv to spawn_agent + wait_agent architecture

- Delete 21 old team skill directories using CSV-wave pipeline pattern (~100+ files) - Delete old team-lifecycle (v3) and team-planex-v2 - Create generic team-worker.toml and team-supervisor.toml (replacing tlv4-specific TOMLs) - Convert 19 team skills from Claude Code format (Agent/SendMessage/TaskCreate) to Codex format (spawn_agent/wait_agent/tasks.json/request_user_input) - Update team-lifecycle-v4 to use generic agent types (team_worker/team_supervisor) - Convert all coordinator role files: dispatch.md, monitor.md, role.md - Convert all worker role files: remove run_in_background, fix Bash syntax - Convert all specs/pipelines.md references - Final state: 20 team skills, 217 .md files, zero Claude Code API residuals Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-26 19:56:37 +08:00 · 2026-03-24 16:54:48 +08:00
parent 54283e5dbb
commit 1e560ab8e8
334 changed files with 28996 additions and 35516 deletions
--- a/.codex/skills/team-review/specs/dimensions.md
+++ b/.codex/skills/team-review/specs/dimensions.md
@@ -0,0 +1,82 @@
+# Review Dimensions (4-Dimension System)
+
+## Security (SEC)
+
+Vulnerabilities, attack surfaces, and data protection issues.
+
+**Categories**: injection, authentication, authorization, data-exposure, encryption, input-validation, access-control
+
+**Tool Support**: Semgrep (`--config auto`), npm audit, tsc strict mode
+**LLM Focus**: Business logic vulnerabilities, privilege escalation paths, sensitive data flows
+
+**Severity Mapping**:
+- Critical: RCE, SQL injection, auth bypass, data breach
+- High: XSS, CSRF, insecure deserialization, weak crypto
+- Medium: Missing input validation, overly permissive CORS
+- Low: Informational headers, minor config issues
+
+---
+
+## Correctness (COR)
+
+Bugs, logic errors, and type safety issues.
+
+**Categories**: bug, error-handling, edge-case, type-safety, race-condition, null-reference
+
+**Tool Support**: tsc `--noEmit`, ESLint error-level rules
+**LLM Focus**: Logic errors, unhandled exception paths, state management bugs, race conditions
+
+**Severity Mapping**:
+- Critical: Data corruption, crash in production path
+- High: Incorrect business logic, unhandled error in common path
+- Medium: Edge case not handled, missing null check
+- Low: Minor type inconsistency, unused variable
+
+---
+
+## Performance (PRF)
+
+Inefficiencies, resource waste, and scalability issues.
+
+**Categories**: n-plus-one, memory-leak, blocking-operation, complexity, resource-usage, caching
+
+**Tool Support**: None (LLM-only dimension)
+**LLM Focus**: Algorithm complexity, N+1 queries, unnecessary sync operations, memory leaks, missing caching
+
+**Severity Mapping**:
+- Critical: Memory leak in long-running process, O(n³) on user data
+- High: N+1 query in hot path, blocking I/O in async context
+- Medium: Suboptimal algorithm, missing obvious cache
+- Low: Minor inefficiency, premature optimization opportunity
+
+---
+
+## Maintainability (MNT)
+
+Code quality, readability, and structural health.
+
+**Categories**: code-smell, naming, complexity, duplication, dead-code, pattern-violation, coupling
+
+**Tool Support**: ESLint warning-level rules, complexity metrics
+**LLM Focus**: Architectural coupling, abstraction leaks, project convention violations
+
+**Severity Mapping**:
+- High: God class, circular dependency, copy-paste across modules
+- Medium: Long method, magic numbers, unclear naming
+- Low: Minor style inconsistency, commented-out code
+- Info: Pattern observation, refactoring suggestion
+
+---
+
+## Why 4 Dimensions (Not 7)
+
+The original review-cycle used 7 dimensions with significant overlap:
+
+| Original | Problem | Merged Into |
+|----------|---------|-------------|
+| Quality | Overlaps Maintainability + Best-Practices | **Maintainability** |
+| Best-Practices | Overlaps Quality + Maintainability | **Maintainability** |
+| Architecture | Overlaps Maintainability (coupling/layering) | **Maintainability** (structure) + **Security** (security architecture) |
+| Action-Items | Not a dimension — it's a report format | Standard field on every finding |
+
+4 dimensions = clear ownership, no overlap, each maps to distinct tooling.
--- a/.codex/skills/team-review/specs/finding-schema.json
+++ b/.codex/skills/team-review/specs/finding-schema.json
@@ -0,0 +1,82 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "Finding",
+  "description": "Standardized finding format for team-review pipeline",
+  "type": "object",
+  "required": ["id", "dimension", "category", "severity", "title", "description", "location", "source", "effort", "confidence"],
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^(SEC|COR|PRF|MNT)-\\d{3}$",
+      "description": "{DIM_PREFIX}-{SEQ}"
+    },
+    "dimension": {
+      "type": "string",
+      "enum": ["security", "correctness", "performance", "maintainability"]
+    },
+    "category": {
+      "type": "string",
+      "description": "Sub-category within the dimension"
+    },
+    "severity": {
+      "type": "string",
+      "enum": ["critical", "high", "medium", "low", "info"]
+    },
+    "title": { "type": "string" },
+    "description": { "type": "string" },
+    "location": {
+      "type": "object",
+      "required": ["file", "line"],
+      "properties": {
+        "file": { "type": "string" },
+        "line": { "type": "integer" },
+        "end_line": { "type": "integer" },
+        "code_snippet": { "type": "string" }
+      }
+    },
+    "source": {
+      "type": "string",
+      "description": "tool:eslint | tool:tsc | tool:semgrep | llm | tool+llm"
+    },
+    "tool_rule": { "type": ["string", "null"] },
+    "suggested_fix": { "type": "string" },
+    "references": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "effort": { "type": "string", "enum": ["low", "medium", "high"] },
+    "confidence": { "type": "string", "enum": ["high", "medium", "low"] },
+    "root_cause": {
+      "type": ["object", "null"],
+      "description": "Populated by reviewer role",
+      "properties": {
+        "description": { "type": "string" },
+        "related_findings": { "type": "array", "items": { "type": "string" } },
+        "is_symptom": { "type": "boolean" }
+      }
+    },
+    "impact": {
+      "type": ["object", "null"],
+      "properties": {
+        "scope": { "type": "string", "enum": ["low", "medium", "high"] },
+        "affected_files": { "type": "array", "items": { "type": "string" } },
+        "blast_radius": { "type": "string" }
+      }
+    },
+    "optimization": {
+      "type": ["object", "null"],
+      "properties": {
+        "approach": { "type": "string" },
+        "alternative": { "type": "string" },
+        "tradeoff": { "type": "string" }
+      }
+    },
+    "fix_strategy": { "type": ["string", "null"], "enum": ["minimal", "refactor", "skip", null] },
+    "fix_complexity": { "type": ["string", "null"], "enum": ["low", "medium", "high", null] },
+    "fix_dependencies": {
+      "type": "array",
+      "items": { "type": "string" },
+      "default": []
+    }
+  }
+}
--- a/.codex/skills/team-review/specs/pipelines.md
+++ b/.codex/skills/team-review/specs/pipelines.md
@@ -0,0 +1,102 @@
+# Review Pipelines
+
+Pipeline definitions and task registry for team-review.
+
+## Pipeline Modes
+
+| Mode | Description | Tasks |
+|------|-------------|-------|
+| default | Scan + review | SCAN -> REV |
+| full | Scan + review + fix | SCAN -> REV -> [confirm] -> FIX |
+| fix-only | Fix from existing manifest | FIX |
+| quick | Quick scan only | SCAN (quick=true) |
+
+## Pipeline Definitions
+
+### default Mode (2 tasks, linear)
+
+```
+SCAN-001 -> REV-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Multi-dimension code scan (toolchain + LLM) |
+| REV-001 | reviewer | SCAN-001 | Deep finding analysis and review report |
+
+### full Mode (3 tasks, linear with user checkpoint)
+
+```
+SCAN-001 -> REV-001 -> [user confirm] -> FIX-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Multi-dimension code scan (toolchain + LLM) |
+| REV-001 | reviewer | SCAN-001 | Deep finding analysis and review report |
+| FIX-001 | fixer | REV-001 + user confirm | Plan + execute + verify fixes |
+
+### fix-only Mode (1 task)
+
+```
+FIX-001
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| FIX-001 | fixer | (none) | Execute fixes from existing manifest |
+
+### quick Mode (1 task)
+
+```
+SCAN-001 (quick=true)
+```
+
+| Task ID | Role | Dependencies | Description |
+|---------|------|-------------|-------------|
+| SCAN-001 | scanner | (none) | Quick scan, max 20 findings, skip toolchain |
+
+## Review Dimensions (4-Dimension System)
+
+| Dimension | Code | Focus |
+|-----------|------|-------|
+| Security | SEC | Vulnerabilities, auth, data exposure |
+| Correctness | COR | Bugs, logic errors, type safety |
+| Performance | PRF | N+1, memory leaks, blocking ops |
+| Maintainability | MNT | Coupling, complexity, dead code |
+
+## Fix Scope Options
+
+| Scope | Description |
+|-------|-------------|
+| all | Fix all findings |
+| critical,high | Fix critical and high severity only |
+| skip | Skip fix phase |
+
+## Session Directory
+
+```
+.workflow/.team/RV-<slug>-<YYYY-MM-DD>/
+├── .msg/messages.jsonl          # Message bus log
+├── .msg/meta.json               # Session state + cross-role state
+├── wisdom/                     # Cross-task knowledge
+│   ├── learnings.md
+│   ├── decisions.md
+│   ├── conventions.md
+│   └── issues.md
+├── scan/                       # Scanner output
+│   ├── toolchain-findings.json
+│   ├── semantic-findings.json
+│   └── scan-results.json
+├── review/                     # Reviewer output
+│   ├── enriched-findings.json
+│   ├── review-report.json
+│   └── review-report.md
+└── fix/                        # Fixer output
+    ├── fix-manifest.json
+    ├── fix-plan.json
+    ├── execution-results.json
+    ├── verify-results.json
+    ├── fix-summary.json
+    └── fix-summary.md
+```
--- a/.codex/skills/team-review/specs/team-config.json
+++ b/.codex/skills/team-review/specs/team-config.json
@@ -0,0 +1,27 @@
+{
+  "name": "team-review",
+  "description": "Code scanning, vulnerability review, optimization suggestions, and automated fix",
+  "sessionDir": ".workflow/.team-review/",
+  "msgDir": ".workflow/.team-msg/team-review/",
+  "roles": {
+    "coordinator": { "prefix": "RC", "type": "orchestration", "file": "roles/coordinator/role.md" },
+    "scanner":     { "prefix": "SCAN", "type": "read-only-analysis", "file": "roles/scanner/role.md" },
+    "reviewer":    { "prefix": "REV", "type": "read-only-analysis", "file": "roles/reviewer/role.md" },
+    "fixer":       { "prefix": "FIX", "type": "code-generation", "file": "roles/fixer/role.md" }
+  },
+  "collaboration_pattern": "CP-1",
+  "pipeline": ["scanner", "reviewer", "fixer"],
+  "dimensions": {
+    "security":        { "prefix": "SEC", "tools": ["semgrep", "npm-audit"] },
+    "correctness":     { "prefix": "COR", "tools": ["tsc", "eslint-error"] },
+    "performance":     { "prefix": "PRF", "tools": [] },
+    "maintainability": { "prefix": "MNT", "tools": ["eslint-warning"] }
+  },
+  "severity_levels": ["critical", "high", "medium", "low", "info"],
+  "defaults": {
+    "max_deep_analysis": 15,
+    "max_quick_findings": 20,
+    "max_parallel_fixers": 3,
+    "quick_fix_threshold": 5
+  }
+}