Feature Request: /gsd:code-review and /gsd:code-review-fix commands

[Billmvp73]

Pre-submission checklist

• I have searched existing issues and discussions — this has not been proposed and declined before
• I have read CONTRIBUTING.md and understand that I must wait for approved-feature before writing any code
• I have read the existing GSD commands and workflows and confirmed this feature does not duplicate existing behavior
• This feature solves a problem for solo developers using AI coding tools, not a personal preference or workflow I happen to like

---

Feature name

Automated code review and auto-fix commands: /gsd:code-review and /gsd:code-review-fix

Type of addition

New command (slash command or CLI flag) + New workflow (multi-step process)

The solo developer problem

When /gsd:execute-phase completes, there is no automated quality gate between execution and verification. The verifier checks whether must-haves are satisfied, but does not detect bugs, security issues, or code quality problems in the produced code. As a result, a developer running the full GSD pipeline can ship code with latent bugs that only surface during manual UAT or in production. The gap between execution and verification is currently a blind spot.

What this feature adds

Two new slash commands:

/gsd:code-review <phase> [--depth=quick|standard|deep] [--files file1,file2,...]
Spawns a gsd-code-reviewer agent that reads source files changed during a phase and produces a structured {padded_phase}-REVIEW.md artifact with severity-classified findings (Critical / Warning / Info). Each finding includes file path, line number, description, and a concrete fix suggestion.

/gsd:code-review-fix <phase> [--all] [--auto]
Reads REVIEW.md findings and spawns a gsd-code-fixer agent that applies fixes, commits each fix atomically with fix({phase}): {id} {description} format, and produces {padded_phase}-REVIEW-FIX.md. The --auto flag enables an iteration loop (capped at 3) that re-reviews after fixing.

Both commands integrate automatically into execute-phase, quick, and autonomous workflows via a workflow.code_review config gate (default: true).

Example usage:

/gsd:code-review 3
> Code review found 2 issues. Consider running: /gsd:code-review-fix 3

/gsd:code-review-fix 3
> Fixed 2/2 findings. REVIEW-FIX.md created.

Full scope of changes

Files created:

• agents/gsd-code-reviewer.md — review agent with 3 depth levels (quick/standard/deep)
• agents/gsd-code-fixer.md — fix agent with atomic git rollback and 3-tier verification
• commands/gsd/code-review.md — slash command definition
• commands/gsd/code-review-fix.md — slash command definition
• get-shit-done/workflows/code-review.md — review orchestration workflow
• get-shit-done/workflows/code-review-fix.md — fix orchestration workflow
• tests/code-review.test.cjs — 35 tests covering all artifacts and integration points

Files modified:

• get-shit-done/bin/lib/config.cjs — register workflow.code_review and workflow.code_review_depth config keys
• get-shit-done/workflows/execute-phase.md — add code_review_gate step (PIPE-01)
• get-shit-done/workflows/quick.md — add Step 6.25 code review (PIPE-03)
• get-shit-done/workflows/autonomous.md — add Step 3c.5 review+fix chain (PIPE-02)

User stories

1. As a solo developer, I want code review to run automatically after phase execution so that bugs are caught before the verifier runs, reducing the number of gap-closure cycles.
2. As a solo developer, I want to auto-fix code review findings so that I can resolve quality issues without manually editing files for each finding.
3. As a solo developer, I want code review to be configurable so that I can disable it for phases where it adds overhead without value (e.g., pure documentation phases).

Acceptance criteria

• /gsd:code-review <phase> invocable from CLI, scopes review to source files changed during the phase
• Review produces {padded_phase}-REVIEW.md artifact with severity-classified findings
• Review skips if no source files changed during phase
• Review is configurable via workflow.code_review in config.json (default: true)
• /gsd:code-review-fix <phase> reads REVIEW.md and applies fixes with per-finding atomic commits
• Fix command produces {padded_phase}-REVIEW-FIX.md summary artifact
• Fix loop capped at 3 iterations maximum when --auto flag used
• execute-phase.md auto-invokes code-review after execution (configurable)
• quick.md auto-invokes code-review after executor completes (configurable)
• autonomous.md chains code-review → code-review-fix between execute and verify steps
• All existing tests still pass; 35 new tests added

Which area does this primarily affect?

Multiple areas: Core workflow (new commands) + Planning system (new config keys) + Runtime integration (workflow modifications)

Applicable runtimes

• Claude Code (primary — agent spawning via Task() is Claude Code specific)

Breaking changes assessment

None — adds new commands and config keys, inserts non-blocking advisory steps into existing workflows. All three workflow modifications are guarded by workflow.code_review=false for opt-out. All modifications degrade gracefully on failure.

Maintenance burden

• No new external dependencies
• Agent definitions must be updated if the GSD agent pattern changes
• Config keys must be kept in sync if config schema changes
• 35 new tests to maintain; integration tests skip gracefully when plugin directory is absent (CI-safe)

Alternatives considered

1. Embed review inside the verifier — rejected: verifier checks must-haves, not code quality. Mixing concerns makes the verifier harder to reason about.
2. Make review a step inside execute-phase only — rejected in favor of standalone commands (PR feat: add automatic code review with autofix after execution #661 took this approach and was closed due to staleness). Standalone commands are composable: usable independently, retroactively, or in custom pipelines.
3. Use an external tool (CodeRabbit, GitHub code review) — rejected to keep GSD self-contained with no external service dependencies.

Prior art and references

• PR feat: add automatic code review with autofix after execution #661 (closed/stale) attempted to add auto code review inside execute-phase.md — this proposal creates standalone commands instead
• Implementation available in PR feat: add /gsd:code-review and /gsd:code-review-fix commands #1630 (pending this issue approval)

[trek-e]

Triage: ✅ Approved

Template: Feature Request — correctly used.
Scope: Cohesive pair of commands (/gsd:code-review + /gsd:code-review-fix) that form a single workflow unit.

Well-documented proposal with clear problem statement, concrete acceptance criteria, honest maintenance burden assessment, and thoughtful alternatives (including reference to the closed PR #661). The two commands are a natural pair — review finds issues, fix resolves them — so keeping them in one proposal is appropriate.

Approved for implementation. Labeling approved-feature.

Implementation notes

• The workflow.code_review config key should follow the existing boolean config pattern in config.cjs (validateConfig → KNOWN_KEYS)
• Agent definitions (gsd-code-reviewer.md, gsd-code-fixer.md) should follow the existing agent frontmatter pattern in agents/
• The 3-iteration cap on --auto is a smart safety gate — make sure it's tested explicitly
• Atomic commits per finding is ambitious; consider what happens if a fix introduces a syntax error that blocks subsequent fixes
• The PIPE-01/PIPE-02/PIPE-03 integration points into existing workflows should be guarded by the config key as described

Suggested test structure:

1. Review produces correctly formatted REVIEW.md with severity classifications
2. Review skips when no source files changed
3. Fix applies atomic commits per finding
4. --auto loop respects 3-iteration cap
5. Config workflow.code_review: false disables auto-invocation in workflows