mirror of
https://github.com/catlog22/Claude-Code-Workflow.git
synced 2026-02-05 01:50:27 +08:00
0625c66bce
Major architectural improvements: - Simplify from 3 agents to 2 core agents - Adopt "Tests Are the Review" philosophy - Enhance test-gen as 4-phase orchestrator - Simplify review.md following update-memory pattern Agent Changes: - NEW: @test-fix-agent - Execute tests, diagnose failures, fix code - ENHANCED: @code-developer - Now writes implementation + tests together - REMOVED: @code-review-agent, @code-review-test-agent Task Type Updates: - "test" → "test-gen" (generate tests) - NEW: "test-fix" (execute and fix tests) Workflow Improvements: - test-gen.md: 4-phase orchestrator (context-gather → concept-enhanced → task-generate → execute) - review.md: Simplified to optional specialized reviews (security, architecture, quality, action-items) - All 16 files updated with new agent references See CHANGELOG.md for full details. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
9.6 KiB
9.6 KiB
name, description, usage, argument-hint, examples
| name | description | usage | argument-hint | examples | ||||
|---|---|---|---|---|---|---|---|---|
| review | Optional specialized review (security, architecture, docs) for completed implementation | /workflow:review [--type=<type>] [session-id] | [--type=security|architecture|action-items|quality] [session-id] |
|
🚀 Command Overview: /workflow:review
Optional specialized review for completed implementations. In the standard workflow, passing tests = approved code. Use this command only when specialized review is required (security, architecture, compliance, docs).
Philosophy: "Tests Are the Review"
- ✅ Default: All tests pass → Code approved
- 🔍 Optional: Specialized reviews for:
- 🔒 Security audits (vulnerabilities, auth/authz)
- 🏗️ Architecture compliance (patterns, technical debt)
- 📋 Action items verification (requirements met, acceptance criteria)
Review Types
| Type | Focus | Use Case |
|---|---|---|
quality |
Code quality, best practices, maintainability | Default general review |
security |
Security vulnerabilities, data handling, access control | Security audits |
architecture |
Architectural patterns, technical debt, design decisions | Architecture compliance |
action-items |
Requirements met, acceptance criteria verified, action items completed | Pre-deployment verification |
Notes:
- For documentation generation, use
/workflow:tools:docs - For CLAUDE.md updates, use
/update-memory-related
Execution Template
#!/bin/bash
# Optional specialized review for completed implementation
# Step 1: Session ID resolution
if [ -n "$SESSION_ARG" ]; then
sessionId="$SESSION_ARG"
else
sessionId=$(find .workflow/ -name '.active-*' | head -1 | sed 's/.*active-//')
fi
# Step 2: Validation
if [ ! -d ".workflow/${sessionId}" ]; then
echo "❌ Session ${sessionId} not found"
exit 1
fi
# Check for completed tasks
if [ ! -d ".workflow/${sessionId}/.summaries" ] || [ -z "$(ls .workflow/${sessionId}/.summaries/IMPL-*.md 2>/dev/null)" ]; then
echo "❌ No completed implementation found. Complete implementation first"
exit 1
fi
# Step 3: Determine review type (default: quality)
review_type="${TYPE_ARG:-quality}"
# Redirect docs review to specialized command
if [ "$review_type" = "docs" ]; then
echo "💡 For documentation generation, please use:"
echo " /workflow:tools:docs"
echo ""
echo "The docs command provides:"
echo " - Hierarchical architecture documentation"
echo " - API documentation generation"
echo " - Documentation structure analysis"
exit 0
fi
# Step 4: Analysis handover → Model takes control
# BASH_EXECUTION_STOPS → MODEL_ANALYSIS_BEGINS
🧠 Model Analysis Phase
After bash validation, the model takes control to:
-
Load Context: Read completed task summaries and changed files
# Load implementation summaries cat .workflow/${sessionId}/.summaries/IMPL-*.md # Load test results (if available) cat .workflow/${sessionId}/.summaries/TEST-FIX-*.md 2>/dev/null # Get changed files git log --since="$(cat .workflow/${sessionId}/workflow-session.json | jq -r .created_at)" --name-only --pretty=format: | sort -u -
Perform Specialized Review: Based on
review_typeSecurity Review (
--type=security):- Use MCP code search for security patterns:
mcp__code-index__search_code_advanced(pattern="password|token|secret|auth", file_pattern="*.{ts,js,py}") mcp__code-index__search_code_advanced(pattern="eval|exec|innerHTML|dangerouslySetInnerHTML", file_pattern="*.{ts,js,tsx}") - Use Gemini for security analysis:
cd .workflow/${sessionId} && ~/.claude/scripts/gemini-wrapper -p " PURPOSE: Security audit of completed implementation TASK: Review code for security vulnerabilities, insecure patterns, auth/authz issues CONTEXT: @{.summaries/IMPL-*.md,../..,../../CLAUDE.md} EXPECTED: Security findings report with severity levels RULES: Focus on OWASP Top 10, authentication, authorization, data validation, injection risks " --approval-mode yolo
Architecture Review (
--type=architecture):- Use Qwen for architecture analysis:
cd .workflow/${sessionId} && ~/.claude/scripts/qwen-wrapper -p " PURPOSE: Architecture compliance review TASK: Evaluate adherence to architectural patterns, identify technical debt, review design decisions CONTEXT: @{.summaries/IMPL-*.md,../..,../../CLAUDE.md} EXPECTED: Architecture assessment with recommendations RULES: Check for patterns, separation of concerns, modularity, scalability " --approval-mode yolo
Quality Review (
--type=quality):- Use Gemini for code quality:
cd .workflow/${sessionId} && ~/.claude/scripts/gemini-wrapper -p " PURPOSE: Code quality and best practices review TASK: Assess code readability, maintainability, adherence to best practices CONTEXT: @{.summaries/IMPL-*.md,../..,../../CLAUDE.md} EXPECTED: Quality assessment with improvement suggestions RULES: Check for code smells, duplication, complexity, naming conventions " --approval-mode yolo
Action Items Review (
--type=action-items):- Verify all requirements and acceptance criteria met:
# Load task requirements and acceptance criteria find .workflow/${sessionId}/.task -name "IMPL-*.json" -exec jq -r ' "Task: " + .id + "\n" + "Requirements: " + (.context.requirements | join(", ")) + "\n" + "Acceptance: " + (.context.acceptance | join(", ")) ' {} \; # Check implementation summaries against requirements cd .workflow/${sessionId} && ~/.claude/scripts/gemini-wrapper -p " PURPOSE: Verify all requirements and acceptance criteria are met TASK: Cross-check implementation summaries against original requirements CONTEXT: @{.task/IMPL-*.json,.summaries/IMPL-*.md,../..,../../CLAUDE.md} EXPECTED: - Requirements coverage matrix - Acceptance criteria verification - Missing/incomplete action items - Pre-deployment readiness assessment RULES: - Check each requirement has corresponding implementation - Verify all acceptance criteria are met - Flag any incomplete or missing action items - Assess deployment readiness " --approval-mode yolo
- Use MCP code search for security patterns:
-
Generate Review Report: Create structured report
# Review Report: ${review_type} **Session**: ${sessionId} **Date**: $(date) **Type**: ${review_type} ## Summary - Tasks Reviewed: [count IMPL tasks] - Files Changed: [count files] - Severity: [High/Medium/Low] ## Findings ### Critical Issues - [Issue 1 with file:line reference] - [Issue 2 with file:line reference] ### Recommendations - [Recommendation 1] - [Recommendation 2] ### Positive Observations - [Good pattern observed] ## Action Items - [ ] [Action 1] - [ ] [Action 2] -
Output Files:
# Save review report Write(.workflow/${sessionId}/REVIEW-${review_type}.md) # Update session metadata # (optional) Update workflow-session.json with review status -
Optional: Update Memory (if docs review or significant findings):
# If architecture or quality issues found, suggest memory update if [ "$review_type" = "architecture" ] || [ "$review_type" = "quality" ]; then echo "💡 Consider updating project documentation:" echo " /update-memory-related" fi
Usage Examples
# General quality review after implementation
/workflow:review
# Security audit before deployment
/workflow:review --type=security
# Architecture review for specific session
/workflow:review --type=architecture WFS-payment-integration
# Documentation review
/workflow:review --type=docs
✨ Features
- Simple Validation: Check session exists and has completed tasks
- No Complex Orchestration: Direct analysis, no multi-phase pipeline
- Specialized Reviews: Different prompts and tools for different review types
- MCP Integration: Fast code search for security and architecture patterns
- CLI Tool Integration: Gemini for analysis, Qwen for architecture
- Structured Output: Markdown reports with severity levels and action items
- Optional Memory Update: Suggests documentation updates for significant findings
Integration with Workflow
Standard Workflow:
plan → execute → test-gen → execute ✅
Optional Review (when needed):
plan → execute → test-gen → execute → review (security/architecture/docs)
When to Use:
- Before production deployment (security review + action-items review)
- After major feature (architecture review)
- Before code freeze (quality review)
- Pre-deployment verification (action-items review)
When NOT to Use:
- Regular development (tests are sufficient)
- Simple bug fixes (test-fix-agent handles it)
- Minor changes (update-memory-related is enough)
Related Commands
/workflow:execute- Must complete implementation first/workflow:test-gen- Primary quality gate (tests)/workflow:tools:docs- Generate hierarchical documentation (use instead of--type=docs)/update-memory-related- Update CLAUDE.md docs after architecture findings/workflow:status- Check session status