DOCS · REFERENCE · COMMANDS · BUILD

review-code/synthex:review-code

Build

Multi-perspective review — Code + Security + (optional) Performance.

Invocation

Run from inside Claude Code in any project where Synthex is installed:

/synthex:review-code

Some commands accept parameters; see the source-of-truth file linked below for the full parameter list and workflow.

Lifecycle phase

Build. Parallel-executed, peer-reviewed task delivery.

  • Tech Lead · Full-stack orchestrator. Breaks tasks down, delegates to specialists, rolls up the result.
  • Lead Frontend Engineer · Coordinates frontend delivery, enforces UX quality, accessibility, and design-system fidelity.
  • Architect · System design, ADRs, plan-review feasibility, technology trade-offs.
  • Code Reviewer · Craftsmanship review — correctness, maintainability, reuse, conventions.
  • Security Reviewer · Mandatory gate. Secrets, injection, auth, supply chain, OWASP.
  • Quality Engineer · Test strategy, gap analysis, behavior-driven test authoring.
  • Design System · Token ownership, component governance, compliance audit.
  • Technical Writer · API docs, guides, migrations, changelogs verifiable against code.

Source

The command's parameters, workflow, and sub-agent invocations are defined in markdown at bluminal/lumenai/blob/main/plugins/synthex/commands/review-code.md.

Last modified:

What it does, end-to-end

review-code/synthex:review-code is the standalone command for reviewing a diff. It runs the same reviewer pipeline that next-priority/synthex:next-priority uses internally during the build phase — but here it's user-facing, so you can invoke it on demand against any diff.

Each invocation:

  1. Resolves the diff under review. Default: the staged + unstaged changes in the current git worktree. Override via parameters to target a specific commit range, branch, or PR diff.
  2. Assembles the context bundle. The Context Bundle Assembler agent gathers the diff, the surrounding code (where reviewers might need to understand callers/callees), the project conventions (CLAUDE.md, .eslintrc, .prettierrc), and any relevant specs under code_review.spec_paths.
  3. Fans out to reviewers. The mandatory pair — Code Reviewer and Security Reviewer — runs in parallel, along with any specialists configured under code_review.specialists or code_review.reviewers.
  4. Optionally fans out to multi-model. When the project's config opts in (per-command multi_model: true or via the FR-MR21 decision order based on diff risk + size), the Multi-Model Review Orchestrator also runs Claude alongside external CLI adapters (GPT, Gemini, etc.). All verdicts feed into the same consolidator.
  5. Consolidates findings. The Findings Consolidator dedupes, preserves attribution, ranks by severity. Output is one tractable list, not three-to-five overlapping reports.
  6. Iterates the review loop. If findings at or above min_severity_to_address (default high) remain, the orchestrator (Tech Lead, when invoked from next-priority/synthex:next-priority, or you, when run standalone) addresses them and reviewers re-run. Bounded by max_cycles (default 2).
  7. Emits a verdict. PASS / WARN / FAIL with the consolidated findings list. PASS = no findings at or above the threshold. WARN = findings exist below the threshold. FAIL = findings at or above remain after the cycle cap.

Reviewer roster

Default mandatory pair:

code_review:
  reviewers:
    - code-reviewer
    - security-reviewer

Add specialists for performance-critical or regulated codebases:

code_review:
  reviewers:
    - code-reviewer
    - security-reviewer
    - performance-engineer
  specialists:
    - agent: compliance-reviewer
      focus: "Regulatory compliance, audit-trail requirements"

The convention: reviewers always run; specialists attach when the diff matches their focus area (regex or path-based, defined per specialist).

What "PASS" actually means

A PASS verdict is not a guarantee the code is correct. It is a guarantee that:

  • Both mandatory reviewers ran on the diff.
  • All findings at or above the configured severity threshold were addressed.
  • The diff matches the project conventions in convention_sources (within the reviewer's ability to detect).
  • No spec violations were found in the configured spec_paths.

It does not guarantee runtime correctness, performance, or completeness — those are covered by tests, audits, and observation, not review. The reviewers are advisory; the final accountability for what merges is the orchestrating agent's (and yours, for [H] gates).

When to invoke it directly

You normally don't — next-priority/synthex:next-priority wraps it during the build phase. Reach for review-code/synthex:review-code standalone when:

  • Running review on a non-Synthex-orchestrated change (manual edit, hotfix, contributor PR).
  • Reviewing a diff that's larger than code_review.max_diff_lines (default 300) — the reviewer warns and gives lower-confidence findings, but the verdict is still useful.
  • Re-running review after addressing prior findings without re-engaging the full Tech Lead workflow.

Parameters

ParameterDescriptionDefaultRequired
diff_targetWhat to review: a branch, commit range, or "working" for staged+unstagedworkingNo
multi_modelForce multi-model review on or off (overrides config)Value from code_review.multi_modelNo
severityOverride min_severity_to_address for this runValue from code_review.review_loopsNo

Common scenarios

"Diff is too large to review"

The reviewer warns when a diff exceeds max_diff_lines. You have two options:

  • Split the diff into smaller PRs, then review each. This is the higher-quality path.
  • Proceed with the warning and accept that findings will be less precise.

Synthex defaults to the warning rather than refusing, because real projects sometimes need to review a large change.

"All findings are below the threshold"

PASS verdict, but the consolidated findings list is non-empty. These are recorded in the output for your review; they don't block merge but they're worth scanning. Some teams set a quarterly cleanup cadence to address accumulated medium findings as a batch.

"Reviewers disagree on severity"

The Findings Consolidator preserves both verdicts with attribution. You decide. Disagreement is high-signal — usually it means the issue has a nuance one reviewer caught and the other didn't.