chore: track claude skills, tools, templates, reference code and research-wiki

- Add all claude skills (brainstorming, commit, debugging, TDD, etc.)
- Add claude hooks (pre-commit-guard, post-edit-quality)
- Add research templates (experiment plan, research brief, etc.)
- Add claude tools (arxiv/semantic_scholar/openalex fetch, wiki, exa)
- Add TRM4 reference implementation as algorithm fidelity baseline
- Add research-wiki content (plans, index, graph, query_pack)
- Update .gitignore to exclude .graphify_version runtime state
This commit is contained in:
2026-07-06 20:59:03 -04:00
parent 0616d16956
commit 6bdb802f01
98 changed files with 19321 additions and 0 deletions
@@ -0,0 +1,104 @@
# Code Quality Reviewer Prompt Template
Use this template when running the code quality review as a read-only Codex session (`/codex:rescue --fresh --wait`). Codex reads the diff and returns a structured critique; it does not modify code. Only run this **after** spec compliance review has approved the work.
This same template is reused for the **final whole-implementation review** at the end of the plan — just widen the scope from "this task's commits" to "every commit on this branch since plan execution started," and pass the plan itself as additional context.
---
```
Codex review (read-only) — pass this as the /codex:rescue --fresh --wait prompt body:
description: "Review code quality for Task N" # or "Final whole-implementation review"
prompt: |
You are reviewing the code quality of work that has already passed spec compliance review. The implementer was a Claude Code subagent; you are Codex, and the spec review was a prior Codex pass. You are running read-only — read the diff and report; do not edit code.
## What Was Built
[Brief recap of the task — one paragraph. For the final whole-implementation review, paste the full plan summary here instead.]
## Working Directory
[Absolute path of the worktree.]
## Commits to Review
[Space-separated list of commit SHAs. For per-task review, just this task's SHAs. For the final review, every SHA on the branch since plan execution started.]
## CRITICAL: Read the Code
Do not rely on commit messages or the implementer's notes. Read `git show <sha>` for each commit. Read the surrounding files for context. The implementer is a Claude Code subagent running on a different model from a different provider; that gives you a structural advantage over single-model review, but it does not absolve you of actually reading the diff.
## Your Job
Evaluate the implementation against these dimensions. Spec compliance is already verified — do not re-litigate it.
**Architecture and decomposition**
- Are responsibilities cleanly separated, or are concerns tangled?
- Are the new units (functions, modules, classes) sized appropriately, or are any growing into "god" structures?
- Do the public interfaces between new units make sense, or are internals leaking?
**Plan conformance**
- Does the file structure match what the plan called for?
- Do the type signatures and names introduced here match what later tasks in the plan will expect to consume?
**Code quality**
- Naming: are names clear and consistent with the rest of the codebase?
- Error handling: are failures handled, surfaced, and logged appropriately? Any swallowed exceptions or silent fallbacks?
- Magic numbers / strings: are constants extracted and named?
- Duplication: is there copy-pasted logic that should be a helper?
- Dead code: any commented-out code, unreachable branches, or unused exports?
- Readability: can a new contributor follow the flow without help?
**Logging and run records**
- If the change records runtime data, does it go through the project's structured logging / `SqliteRunStore` (persisted) path rather than raw SQL or ad-hoc file writes?
- Are persisted records carrying the expected correlation IDs (patient / session / image) so they are traceable?
**Tests**
- Are tests meaningful (testing behavior, not implementation detail)?
- Are edge cases covered, or is it all happy path?
- Are there flaky patterns (timing, ordering, hidden global state)?
- Test names: do they describe behavior, not internals?
**File growth and codebase health**
- Did any file cross a reasonable size threshold in this work? If so, is the new content cohesive with what was already there, or should it have been a new file?
- Did the implementer introduce new dependencies, new build steps, or new top-level directories? Justified?
## Calibration
Only flag issues that matter. Minor stylistic preferences, formatting nits, and "I would have named it differently" are NOT blocking. Categorize what you find:
- **Critical** — Will cause real bugs, security issues, data corruption, or break a downstream task in the plan. Must be fixed.
- **Important** — Will cause maintenance pain, confusing behavior, or fragile code. Should be fixed.
- **Minor** — Worth mentioning so the implementer can address it cheaply, but not blocking.
Approval requires zero Critical and zero Important issues. Minor issues are advisory.
## Report Format
Return your review in this structure:
```
Verdict: <APPROVED | CHANGES_REQUESTED>
Strengths:
- <bullet per genuine strength — be honest, brief, and specific. If there are no real strengths, say so.>
Issues:
Critical:
- <bullet per critical issue with file:line reference and what's wrong>
- or "none"
Important:
- <bullet per important issue with file:line reference>
- or "none"
Minor:
- <bullet per minor issue with file:line reference>
- or "none"
Assessment:
<One short paragraph: overall quality, whether this is solid for downstream tasks, anything cross-cutting the controller should know.>
```
If Verdict is `APPROVED`, the controller will mark the task complete.
If Verdict is `CHANGES_REQUESTED`, the controller will send your findings to the implementer subagent via `SendMessage` and re-run this Codex review on the result.
```
@@ -0,0 +1,114 @@
# Code Style Reviewer Prompt Template
Use this template when running the code style review as a read-only Codex session (`/codex:rescue --fresh --wait`). Codex reads the diff and returns a structured critique; it does not modify code. Only run this **after** spec compliance review has approved the work.
This reviewer focuses on code **form and style** — conciseness, abstraction level, naming quality, comment appropriateness. It complements (does not replace) the code-quality-reviewer which focuses on architecture and functional correctness.
---
```
Codex review (read-only) — pass this as the /codex:rescue --fresh --wait prompt body:
description: "Review code style for Task N"
prompt: |
You are reviewing the code style and form of work that has already passed spec compliance review. The implementer was a Claude Code subagent; you are Codex, running read-only. Your job is to catch over-engineering, unnecessary complexity, and style violations that automated tools cannot detect — read the diff and report; do not edit code.
## What Was Built
[Brief recap of the task — one paragraph.]
## Working Directory
[Absolute path of the worktree.]
## Commits to Review
[Space-separated list of commit SHAs.]
## Project Coding Principles (ranked by priority)
These are the project's non-negotiable coding principles. Violations are issues.
1. **YAGNI** — No code that isn't needed right now. No "just in case" parameters, no unused abstractions, no speculative generality.
2. **Readability** — Domain-term naming (not implementation naming). Comments explain WHY, never WHAT. If code needs a WHAT comment, the code is unclear — refactor it.
3. **Single Responsibility** — Each function does one thing. If you need "and" to describe it, split it.
4. **Explicit over Implicit** — Type annotations on all public functions. No hidden global state access. No default parameters masking logic.
5. **Defensiveness** — No bare `except:` or `except Exception: pass`. No swallowed errors. No default values masking failures.
6. **Simplicity** — A function is better than a class. A flat structure is better than nested. Three clear lines beat one clever one-liner.
## Your Job
Read the actual code via `git show <sha>` and file reads. Evaluate against these dimensions:
**Over-engineering / Unnecessary Abstraction**
- Are there classes that could be plain functions?
- Are there inheritance hierarchies that could be composition or just data?
- Are there factory patterns, builder patterns, or strategy patterns where a simple if/else would suffice?
- Is there unnecessary indirection (wrapper functions that just forward to another function)?
**YAGNI Violations**
- Parameters or config options that nothing currently uses?
- "Extension points" or "plugin systems" for hypothetical future needs?
- Generic solutions where a specific one would be simpler and sufficient?
**Naming and Clarity**
- Are names domain-specific or generic-technical? (`DiagnosisEngine` good, `DataProcessorFactory` bad)
- Can you understand what a function does from its name alone?
- Are variable names descriptive or abbreviated?
**Comment Quality**
- Missing WHY comments on non-obvious decisions?
- Present but useless WHAT comments? (e.g., `# increment counter` above `counter += 1`)
- Outdated comments that contradict the code?
**Conciseness**
- Could any 10-line block be expressed in 3 lines without losing clarity?
- Are there repeated patterns that should be extracted (but only if used 3+ times)?
- Is there dead code, commented-out code, or unreachable branches?
**Type Annotations**
- Do all public functions have complete parameter and return type annotations?
- Are complex types properly aliased for readability?
## Calibration
**This is NOT a linting review.** Automated tools already checked formatting and lint rules. Focus exclusively on things that require judgment:
- Is this the SIMPLEST way to solve this problem?
- Would a reader understand this without context?
- Does the abstraction level match the problem complexity?
Only flag issues that a competent developer would agree represent unnecessary complexity or unclear code. Style preferences that don't affect readability are NOT issues.
Severity levels:
- **Important** — Genuine over-engineering, YAGNI violation, or significantly unclear code. Should be simplified.
- **Minor** — Could be slightly simpler or clearer, but not blocking.
No "Critical" category here — that belongs to the functional quality reviewer.
## Report Format
```
Verdict: <APPROVED | CHANGES_REQUESTED>
Over-engineering:
- <bullet with file:line, what's over-engineered, simpler alternative>
- or "none"
YAGNI violations:
- <bullet with file:line, what's unneeded>
- or "none"
Clarity issues:
- <bullet with file:line, what's unclear and how to fix>
- or "none"
Style notes (advisory):
- <minor observations, not blocking>
Assessment:
<One sentence: is this code as simple as it could be while remaining correct?>
```
If Verdict is `APPROVED`, the controller will mark the task complete.
If Verdict is `CHANGES_REQUESTED`, the controller will send your findings to the implementer subagent via `SendMessage`.
```
@@ -0,0 +1,103 @@
# Spec Compliance Reviewer Prompt Template
Use this template when running the spec compliance review as a read-only Codex session (`/codex:rescue --fresh --wait`). Codex reads the diff and returns a structured critique; it does not modify code.
**Purpose:** Verify the Claude implementer subagent built what was requested — nothing more, nothing less.
---
```
Codex review (read-only) — pass this as the /codex:rescue --fresh --wait prompt body:
description: "Review spec compliance for Task N"
prompt: |
You are reviewing whether a Claude Code implementer subagent's work matches its specification. You are Codex, running read-only — read the diff and report; do not edit code.
## What Was Requested
[FULL TEXT of task requirements — paste verbatim from the plan]
## What the Implementer Claims They Built
[Paste the implementer subagent's full final report here, including the STATUS block, COMMIT_SHAS, FILES_CHANGED, and NOTES.]
## Working Directory
[Absolute path of the worktree.]
## Commits to Review
[Space-separated list of commit SHAs from the implementer's report. Base your analysis on these specific commits, not on the entire repo history.]
## CRITICAL: Do Not Trust the Report
The implementer is a Claude Code subagent; you are Codex, a different model from a different provider. Its self-report may be incomplete, inaccurate, or optimistic. Cross-provider does not mean trustworthy — it means the report has not yet been independently verified. You MUST verify everything independently by reading the actual diff.
**DO NOT:**
- Take the implementer's word for what it implemented
- Trust its claims about completeness
- Accept its interpretation of requirements
**DO:**
- Read the actual code via `git show <sha>` and direct file reads
- Compare actual implementation to requirements line by line
- Check for missing pieces it claimed to implement
- Look for extra features it didn't mention
## Your Job
Read the implementation code and verify:
**Missing requirements**
- Did the implementer implement everything that was requested?
- Are there requirements they skipped or missed?
- Did they claim something works but not actually implement it?
- For every acceptance criterion in the spec, can you point to the specific lines that satisfy it?
**Extra / unrequested work**
- Did they build things that weren't requested?
- Did they over-engineer or add unnecessary features?
- Did they add "nice to haves" that weren't in the spec?
- Are there new files, flags, or dependencies that the spec didn't ask for?
**Misunderstandings**
- Did they interpret requirements differently than intended?
- Did they solve the wrong problem?
- Did they implement the right feature in the wrong way (e.g., correct behavior but wrong interface, wrong file location, or wrong type signatures that won't compose with later tasks)?
**Tests**
- Are the tests actually testing what the spec requires, or just exercising whatever code exists?
- Did they delete or weaken existing tests to make things pass?
Verify by reading code and tests, not by trusting the report.
## Calibration
Only flag issues that would cause real problems during implementation or in the next task. Minor wording, stylistic preferences, and formatting quibbles are NOT spec-compliance issues — those belong to the code quality reviewer. Stay in your lane: did they build what was asked for, or didn't they.
## Report Format
Return your review in this structure:
```
Verdict: <APPROVED | CHANGES_REQUESTED>
Missing requirements:
- <bullet per missing requirement, with the spec quote it violates>
- or "none"
Extra/unrequested work:
- <bullet per extraneous addition>
- or "none"
Misunderstandings:
- <bullet per misunderstanding, with what the spec said vs. what was built>
- or "none"
Notes:
- <anything else the controller should know, but not blocking>
```
If Verdict is `APPROVED`, the controller will proceed to code quality review.
If Verdict is `CHANGES_REQUESTED`, the controller will send your findings to the implementer subagent via `SendMessage` and re-run this Codex review on the result.
```