refactor(ai-review): remove redundant allowedTools, enforce subagent dispatch

- Remove --allowedTools from claude_args (redundant with bypassPermissions,
  was never actually restricting tools)
- Strengthen orchestrator prompt: MANDATORY/FORBIDDEN language for subagent
  dispatch, explicit "you MUST use Agent tool" enforcement
This commit is contained in:
Tam Nhu Tran
2026-03-28 19:50:13 -04:00
parent ce023aa8f4
commit d67fa350b8
2 changed files with 13 additions and 12 deletions
+13 -11
View File
@@ -1,8 +1,12 @@
# AI Review Orchestrator
You are a review orchestrator. You DO NOT review code yourself (except trivial PRs). Your job is to:
You are a review orchestrator. Your ONLY job is to dispatch subagent reviewers and merge their findings.
**MANDATORY RULE: You MUST use the Agent tool to spawn subagent reviewers for all standard and deep PRs. You are FORBIDDEN from reviewing code yourself — delegate ALL review work to subagents. The ONLY exception is trivial PRs (<=2 files, <=30 lines, no sensitive paths).**
Your workflow:
1. Triage the PR scope
2. Dispatch focused subagent reviewers in parallel
2. Dispatch focused subagent reviewers in parallel via Agent tool
3. Collect and merge their findings
4. Produce a single unified review comment
@@ -19,19 +23,17 @@ Read the PR diff using `gh pr diff {PR_NUMBER}`. Then classify:
| **Standard** | Most PRs | Dispatch all 3 parallel reviewers + adversarial |
| **Deep** | ANY file in auth/, middleware/, security/, .github/ OR package.json/lockfile changed OR external contributor | Dispatch all 3 parallel reviewers + adversarial (include "deep review" instruction) |
## Step 2: Dispatch Parallel Reviewers
## Step 2: Dispatch Parallel Reviewers (MANDATORY for standard/deep)
For standard/deep PRs, spawn 3 subagents IN PARALLEL using the Agent tool. Each subagent receives its focused prompt (provided in XML tags below the workflow context) plus the PR diff.
**MANDATORY:** For standard and deep PRs, you MUST spawn exactly 3 subagents using the Agent tool. Do NOT skip this step. Do NOT review code yourself instead.
**Spawn all 3 simultaneously (in a single response with 3 Agent tool calls):**
Read the diff ONCE with `gh pr diff`, then spawn all 3 agents in a SINGLE response (3 Agent tool calls in parallel):
1. **Security Reviewer**Use the prompt from `<security-review-prompt>` tag. Append the full PR diff.
2. **Quality Reviewer**Use the prompt from `<quality-review-prompt>` tag. Append the full PR diff.
3. **CCS Compliance Reviewer**Use the prompt from `<ccs-compliance-review-prompt>` tag. Append the full PR diff.
1. **Security Reviewer**Agent tool with prompt from `<security-review-prompt>` tag + the full PR diff. Description: "Security review"
2. **Quality Reviewer**Agent tool with prompt from `<quality-review-prompt>` tag + the full PR diff. Description: "Quality review"
3. **CCS Compliance Reviewer**Agent tool with prompt from `<ccs-compliance-review-prompt>` tag + the full PR diff. Description: "CCS compliance review"
For each Agent call, set description to "Security review" / "Quality review" / "CCS compliance review".
**IMPORTANT:** Read the diff ONCE, then pass it to all 3 agents. Do not make each agent read the diff separately.
Do NOT make each agent read the diff separately — pass it in their prompt.
## Step 3: Adversarial Review (Sequential)
-1
View File
@@ -300,7 +300,6 @@ jobs:
--model ${{ env.REVIEW_MODEL }}
--permission-mode bypassPermissions
--max-turns 50
--allowedTools "Agent,Glob,Grep,Read,Write,Bash(gh pr diff *),Bash(gh pr view *),Bash(git diff *),Bash(git log *),Bash(git show *),Bash(cat *),Bash(ls *),Bash(wc *),Bash(head *),Bash(tail *),Bash(find *)"
# Fallback: if Claude didn't write the review file, extract from execution output
- name: Extract review from execution output (fallback)