Review decides whether the change can ship. It is not a long critique and it is
not a nit collector.
Rule labels: [IRON LAW] means a non-negotiable correctness constraint. [GUIDANCE] means a strong default that may adapt when context justifies it.
[IRON LAW] Hard stops come before concerns. Do not bury a blocking delivery
failure under style comments.
Read the current diff against the base branch or, when there is no remote diff,
the local dirty diff. Then output exactly three sections:
HARD STOPS
- [none | blocking finding list]
CONCERNS
- [none | non-blocking risks worth fixing or noting]
SUMMARY
- Changed files: [...]
- Verification evidence: [...]
- Scope/spec status: clean | drift | requirements missing | unknown
- Residual risk: none | [...]
- Status: DONE | BLOCKED | DONE_WITH_CONCERNS
Use BLOCKED whenever a hard stop exists. Use DONE_WITH_CONCERNS only when
remaining issues are non-blocking and explicitly listed.
Run the repo-appropriate equivalent of:
git remote get-url origin 2>/dev/null
git branch --show-current
git symbolic-ref refs/remotes/origin/HEAD 2>/dev/null | sed 's|refs/remotes/origin/||'
git status --short
git diff --stat
If on the base branch with no local diff, stop cleanly:
HARD STOPS
- none
CONCERNS
- none
SUMMARY
- Changed files: []
- Verification evidence: not applicable; no diff
- Scope/spec status: clean
- Residual risk: none
- Status: DONE
Do not invent findings when no code changed.
Read the strongest available intent source:
/taku-build
PLAN.md
DESIGN.md
Then compare intent to delivered changes.
Hard stops:
Approved deviations are not hard stops, but must be listed in SUMMARY.
Review the observed evidence, not confidence statements.
Hard stops:
evidence is visible.
If evidence is unavailable because the repo has no harness, say what was used
instead. Do not claim tests passed unless output or explicit user evidence shows
that.
Read the full diff before commenting. Search for production-risk patterns:
High-confidence critical/security bugs are hard stops. Apply a fix directly
only when the correct change is clear from local context. Otherwise provide the
smallest safe recommendation and keep status BLOCKED.
Only after hard stops are handled, list non-blocking risks:
Skip nit floods. If a style pattern matters, mention it once.
verifiable.
HARD STOPS must appear first.
SUMMARY must include changed files, verification evidence, residual risk,
and status.
status is BLOCKED until fixed or explicitly approved by the user.
Nit flood hides the real issue. A review produced 40 style comments and one
SQL injection finding. The developer fixed the easy comments and missed the
security bug.
Prevention: hard stops first; concerns second; style notes only when they change
delivery risk.
Review accepts a build summary as evidence. The summary said "tests pass",
but no command output was visible.
Prevention: completion claims need observed command output, diff evidence, or
explicit user-provided evidence.
Scope drift looks like cleanup. A task approved --json output, but the diff
also rewrote command discovery.
Prevention: reconstruct intent before code-quality review. Good code outside
scope is still a delivery failure.
共 1 个版本