Assemble Panel

Centralizes reviewer selection and loop governance. Returns a panel + policy to the caller; the caller dispatches. This skill produces data — it never dispatches agents or modifies files.

Integration Contract

Callers provide:

• scope: a plan file path OR a git diff (the artifact under review)

• overrides (optional): { include: [], exclude: [] }

Returns (structured text the caller parses):

• panel: ordered list of reviewer agent names

• policy: gate, cap, and the algebra below

Fallback when unavailable: [technical-editor, code-reviewer], gate=P2, cap=3.

Cross-tool note: Codex/Cursor cannot invoke skills via the Skill tool. Read this file directly and apply the policy algebra inline.

Policy Algebra (frozen — do not modify, version: 1)

DEFAULTS:

  gate    = P2                       # fix P0-P2, record P3+

  cap     = 3                        # max rounds before escalate

  always  = [technical-editor]       # expandable, never reducible

ASSEMBLE(scope: plan_file | diff):

  panel = always

        + select_by_scope(file_types(scope))

        + select_by_keywords(body(scope))

        + overrides.include

        - overrides.exclude            # cannot remove `always` members

RETAIN(reviewer, round_findings):

  keep(reviewer) while round_findings.any_above(gate)

EXPAND(panel, prior_scope, current_scope):

  new_coverage = file_types(current_scope) - file_types(prior_scope)

  panel += select_by_scope(new_coverage) when new_coverage

CONVERGE(round, panel, cap):

  APPROVE   when all(reviewer.done for reviewer in panel)

  ESCALATE  when round >= cap

  EXIT      when any(reviewer.verdict == DROP)

  continue  otherwise

ESCALATE_RECURRING(finding, rounds_present):

  finding.severity += 1 when rounds_present >= 2

Scope-to-Reviewer Map

Used by select_by_scope(file_types):

File pattern

Reviewer

.ts, .js, src/, tests/

code-reviewer

.yml, .github/workflows/

code-reviewer, security-auditor

.sh, scripts/, hooks/

code-reviewer, security-auditor

.md (plans, ADRs, docs)

architect-reviewer

*.css, *.tsx, UI components

design-reviewer, accessibility-tester

sync.sh, AGENTS.md, config.toml, skills

codex-specialist

*.pem, *.key, secrets patterns

security-auditor

When multiple patterns match, union all reviewers. Duplicates collapsed.

Keyword-to-Reviewer Map

Used by select_by_keywords(body):

Keyword / phrase

Reviewer

"architecture", "ADR", "system design", "plan"

architect-reviewer

"security", "auth", "token", "PAT", "OIDC"

security-auditor

"WCAG", "accessibility", "a11y", "aria"

accessibility-tester

"UI", "component", "layout", "design system"

design-reviewer

"docs", "research", "ecosystem", "reference", "educational"

fact-checker

"Codex", "cross-tool", "sync.sh"

codex-specialist

Keywords are case-insensitive substring matches against the scope body.

Override Rules

• overrides.include appends reviewers unconditionally.

• overrides.exclude removes reviewers EXCEPT those in always. Attempting to exclude an always member is silently ignored.

• Invalid reviewer names are rejected with an error listing valid names.

Failure Modes

• Scope empty or unreadable: return always panel only, warn caller.

• No file types detected: fall back to keyword matching only. If neither matches, return always panel.

• Caller requests cap > 5: clamp to 5. Non-negotiable ceiling.

• Panel exceeds 5 members: warn caller — likely a sign the change is too broad.

• Reviewer unavailable at dispatch time: caller skips that reviewer and notes the gap.

Orchestrator Authority

The panel recommends; the orchestrator (the agent dispatching the panel) decides. The gate and cap above are inputs to that decision, not overrides of it.

MAY:

• Descope a P1/P2 finding if addressing it balloons scope past a single concern — file a follow-up issue.

• Split into phased PRs when panel findings grow scope past a reasonable single landing. Core ships first; hardening and docs follow. Pre-dispatch: before handing off to an implementer, check the plan's scope — if Files-to-Modify > 5 OR total planned test count > 8, split into sequential phases upfront. The reactive trigger above fires after panel feedback; this fires before implementation starts, preventing single-agent context overflow (e.g., PR #241: 3 new scripts + aggregator changes + ADR + 11 tests → 78 tool uses → overflow).

• Push back on false positives with explicit rationale. If the same finding recurs across reviewers or rounds, examine why — either the reviewers are right, or there's a structural reason the code looks like the pattern they're flagging. When pushing back, name the finding (reviewer + severity + quoted text), give the rationale, and cite evidence (code paths, existing patterns, prior ADRs).

• Accept with documented deviation — address some P1s, defer others with justification in the plan's Risks section.

MUST NOT:

• Silently drop P0 findings. P0 must be addressed, escalated, or the plan rejected.

• Override security-auditor findings without escalating to a human.

Escalate to human when:

• A P0 is disputed and the rationale for pushback isn't clear.

• Multiple reviewers converge on a concern the orchestrator disagrees with.

• A security finding's mitigation trade-off affects the trust model.

Example pushback:

Security-auditor P1: "Include severity inside HMAC payload."

Orchestrator: Pushing back. Severity is computed by a separate classifier (classify-findings.sh), not emitted by the CLI wrapper, so it's not available at sign-time. Binding it into HMAC would require restructuring the entire review pipeline. Alternative: include tier in fingerprint — this closes the cross-tier collision vector without HMAC restructure. Will address P0-2 with tier-in-fingerprint; defer severity-in-HMAC as a separate ADR if needed.

Output Format

PANEL: technical-editor, code-reviewer, security-auditor

GATE: P2

CAP: 3

ALWAYS: technical-editor

NOTE: codex-specialist included — scope touches sync.sh

One NOTE line per non-obvious selection decision. Callers surface these in review summaries.