cc-reviewer 4.0.0 → 5.1.0

package/commands/multi-review.md

@@ -1,13 +1,25 @@
 # Multi Review
 
-Get parallel reviews from Codex, Gemini, and a fresh Claude (Opus) instance, raw output for manual synthesis.
+Get parallel standard AND adversarial reviews from all available models (Codex, Gemini, Claude Opus).
+
+Each model runs twice: once as a standard reviewer (finding bugs, issues, improvements) and once as an adversarial challenger (breaking confidence in the change, questioning assumptions, targeting hidden failure paths). Results are presented in two sections.
+
+Use `$ARGUMENTS` to steer the adversarial focus (e.g., "focus the challenge on race conditions and rollback safety").
 
 ## Arguments
-- `$ARGUMENTS` - Optional: focus area or custom instructions
+- `$ARGUMENTS` - Optional: focus area, custom instructions, or adversarial steering
 
 ## When to Use
 
-Use `/multi-review` when you want parallel reviews from Codex, Gemini, and a fresh Claude (Opus) instance.
+Use `/multi-review` when you want thorough parallel reviews from all available models. Every invocation includes both standard and adversarial passes.
+
+## Examples
+
+```
+/multi-review
+/multi-review focus the challenge on race conditions and rollback safety
+/multi-review challenge whether this was the right caching and retry design
+```
 
 ## Before Calling - PREPARE THE HANDOFF
 
@@ -22,7 +34,6 @@ Added cache invalidation on product updates."
 UNCERTAINTIES:
 - "Is the cache TTL appropriate for this data?"
 - "Does the invalidation handle all update scenarios?"
-- "Is the Redis connection pooling configured correctly?"
 ```
 
 ### 3. Ask Specific Questions
@@ -42,7 +53,7 @@ Call `multi_review` with:
   "ccOutput": "<structured handoff>",
   "outputType": "analysis",
   "focusAreas": ["<from $ARGUMENTS>"],
-  "serviceTier": "<see below>"
+  "customPrompt": "<steering text from $ARGUMENTS for adversarial focus>"
 }
 ```
 
@@ -70,21 +81,22 @@ PRIORITY FILES:
 
 ## After Receiving Review
 
-You will receive separate reviews from each model.
+You will receive two sections: **Standard Review Findings** and **Challenge Review Findings**.
 
-### Synthesize Manually
+### Synthesize
 
-1. **Find agreements** (both models say same thing)
-   - Higher confidence
-   - Still verify yourself
+1. **Standard findings** — bugs, issues, improvements from each model
+   - Find agreements across models (higher confidence)
+   - Identify conflicts (YOU decide who's right)
 
-2. **Identify conflicts** (they disagree)
-   - Read the code
-   - YOU decide who's right
+2. **Challenge findings** — adversarial challenges from each model
+   - These target assumptions and design decisions, not just bugs
+   - Evaluate on merit — some challenges are speculative by design
+   - Strong challenges with evidence deserve serious consideration
 
-3. **Note unique insights**
-   - Findings only one model found
-   - Evaluate on merit
+3. **Cross-reference** standard vs challenge findings
+   - Standard + challenge agreement = high confidence issue
+   - Challenge-only finding = investigate further before acting
 
 4. **Verify all findings**
    - Check file/line references exist

package/dist/adapters/base.d.ts

@@ -41,6 +41,8 @@ export interface ReviewRequest {
     reasoningEffort?: ReasoningEffort;
     /** Service tier (for models that support it: priority = fast, flex = cheap) */
     serviceTier?: ServiceTier;
+    /** Review mode: standard finds bugs, adversarial challenges assumptions */
+    reviewMode?: 'standard' | 'adversarial';
 }
 /** @deprecated Use handoff.ts roles instead */
 export interface ExpertRole {

package/dist/adapters/claude.js

@@ -15,7 +15,7 @@ import { existsSync } from 'fs';
 import { registerAdapter, } from './base.js';
 import { CliExecutor } from '../executor.js';
 import { ClaudeEventDecoder } from '../decoders/index.js';
-import { buildSimpleHandoff, buildHandoffPrompt, selectRole, } from '../handoff.js';
+import { buildSimpleHandoff, buildHandoffPrompt, buildAdversarialHandoffPrompt, selectRole, } from '../handoff.js';
 // =============================================================================
 // CONFIGURATION
 // =============================================================================
@@ -63,8 +63,9 @@ export class ClaudeAdapter {
         }
         try {
             const handoff = buildSimpleHandoff(request.workingDir, request.ccOutput, request.analyzedFiles, request.focusAreas, request.customPrompt);
-            const role = selectRole(request.focusAreas);
-            const prompt = buildHandoffPrompt({ handoff, role });
+            const prompt = request.reviewMode === 'adversarial'
+                ? buildAdversarialHandoffPrompt({ handoff })
+                : buildHandoffPrompt({ handoff, role: selectRole(request.focusAreas) });
             const result = await this.runCli(prompt, request.workingDir);
             if (result.exitCode !== 0) {
                 const error = this.categorizeError(result.stderr);
@@ -88,6 +89,7 @@ export class ClaudeAdapter {
         const args = [
             '-p', // Non-interactive, print and exit
             '--model', 'opus', // Use Opus
+            '--bare', // Skip hooks, plugins, CLAUDE.md, auto-memory
             '--permission-mode', 'plan', // Read-only enforcement (layer 1)
             '--verbose', // Required for stream-json
             '--output-format', 'stream-json', // Structured streaming events
@@ -122,14 +124,20 @@ export class ClaudeAdapter {
         // Check for errors captured from stream events
         const decoderError = decoder.getError();
         if (decoderError) {
-            return { stdout: '', stderr: decoderError, exitCode: 1, truncated: false };
+            const combined = result.stderr ? `${decoderError}\n\nCLI stderr: ${result.stderr}` : decoderError;
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
         }
         const finalResponse = decoder.getFinalResponse();
         if (!finalResponse && decoder.hasNoOutput()) {
-            return { stdout: '', stderr: 'No response from Claude — possible rate limit or auth issue', exitCode: 1, truncated: false };
+            const combined = result.stderr ? `No output from Claude\n\nCLI stderr: ${result.stderr}` : 'No output from Claude';
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
+        }
+        if (!finalResponse) {
+            const combined = result.stderr ? `No result event from Claude\n\nCLI stderr: ${result.stderr}` : 'No result event from Claude';
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
         }
         return {
-            stdout: finalResponse || result.rawStdout,
+            stdout: finalResponse,
             stderr: result.stderr,
             exitCode: result.exitCode,
             truncated: result.truncated,
@@ -153,13 +161,13 @@ export class ClaudeAdapter {
     }
     categorizeError(stderr) {
         const lower = stderr.toLowerCase();
-        if (lower.includes('rate limit') || lower.includes('quota') || lower.includes('no response from claude')) {
-            return { type: 'rate_limit', message: 'Claude rate limit — try again later' };
+        if (lower.includes('rate limit') || lower.includes('rate_limit') || lower.includes('quota')) {
+            return { type: 'rate_limit', message: `Claude rate limit: ${stderr.slice(0, 500)}` };
         }
         if (lower.includes('unauthorized') || lower.includes('authentication') || lower.includes('api key') || stderr.includes('401') || stderr.includes('403')) {
-            return { type: 'auth_error', message: 'Authentication failed', details: { stderr } };
+            return { type: 'auth_error', message: `Authentication failed: ${stderr.slice(0, 500)}`, details: { stderr } };
         }
-        return { type: 'cli_error', message: stderr || 'Unknown error' };
+        return { type: 'cli_error', message: stderr.slice(0, 500) || 'Unknown error' };
     }
     getSuggestion(error) {
         switch (error.type) {

package/dist/adapters/codex.js

@@ -10,7 +10,7 @@ import { existsSync } from 'fs';
 import { registerAdapter, } from './base.js';
 import { CliExecutor } from '../executor.js';
 import { CodexEventDecoder } from '../decoders/index.js';
-import { buildSimpleHandoff, buildHandoffPrompt, selectRole, } from '../handoff.js';
+import { buildSimpleHandoff, buildHandoffPrompt, buildAdversarialHandoffPrompt, selectRole, } from '../handoff.js';
 // =============================================================================
 // CONFIGURATION
 // =============================================================================
@@ -59,8 +59,9 @@ export class CodexAdapter {
         }
         try {
             const handoff = buildSimpleHandoff(request.workingDir, request.ccOutput, request.analyzedFiles, request.focusAreas, request.customPrompt);
-            const role = selectRole(request.focusAreas);
-            const prompt = buildHandoffPrompt({ handoff, role });
+            const prompt = request.reviewMode === 'adversarial'
+                ? buildAdversarialHandoffPrompt({ handoff })
+                : buildHandoffPrompt({ handoff, role: selectRole(request.focusAreas) });
             const result = await this.runCli(prompt, request.workingDir, request.reasoningEffort || 'high', request.serviceTier);
             if (result.exitCode !== 0) {
                 const error = this.categorizeError(result.stderr);
@@ -123,14 +124,20 @@ export class CodexAdapter {
         // Check for errors captured from JSONL events
         const decoderError = decoder.getError();
         if (decoderError) {
-            return { stdout: '', stderr: decoderError, exitCode: 1, truncated: false };
+            const combined = result.stderr ? `${decoderError}\n\nCLI stderr: ${result.stderr}` : decoderError;
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
         }
         const finalResponse = decoder.getFinalResponse();
         if (!finalResponse && decoder.hasNoOutput()) {
-            return { stdout: '', stderr: 'No response from Codex — possible rate limit or model rejection', exitCode: 1, truncated: false };
+            const combined = result.stderr ? `No output from Codex\n\nCLI stderr: ${result.stderr}` : 'No output from Codex';
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
+        }
+        if (!finalResponse) {
+            const combined = result.stderr ? `No result event from Codex\n\nCLI stderr: ${result.stderr}` : 'No result event from Codex';
+            return { stdout: '', stderr: combined, exitCode: 1, truncated: false };
         }
         return {
-            stdout: finalResponse || result.rawStdout,
+            stdout: finalResponse,
             stderr: result.stderr,
             exitCode: result.exitCode,
             truncated: result.truncated,
@@ -154,16 +161,16 @@ export class CodexAdapter {
     }
     categorizeError(stderr) {
         const lower = stderr.toLowerCase();
-        if (lower.includes('rate limit') || lower.includes('possible rate limit') || lower.includes('no response from codex')) {
-            return { type: 'rate_limit', message: 'Codex rate limit — no tokens available' };
+        if (lower.includes('rate limit') || lower.includes('rate_limit')) {
+            return { type: 'rate_limit', message: `Codex rate limit: ${stderr.slice(0, 500)}` };
         }
         if (lower.includes('unauthorized') || lower.includes('authentication') || stderr.includes('401') || stderr.includes('403')) {
-            return { type: 'auth_error', message: 'Authentication failed', details: { stderr } };
+            return { type: 'auth_error', message: `Authentication failed: ${stderr.slice(0, 500)}`, details: { stderr } };
         }
         if (lower.includes('invalid_json_schema') || lower.includes('invalid_request_error')) {
-            return { type: 'cli_error', message: `API error: ${stderr.slice(0, 300)}` };
+            return { type: 'cli_error', message: `API error: ${stderr.slice(0, 500)}` };
         }
-        return { type: 'cli_error', message: stderr || 'Unknown error' };
+        return { type: 'cli_error', message: stderr.slice(0, 500) || 'Unknown error' };
     }
     getSuggestion(error) {
         switch (error.type) {

package/dist/adapters/gemini.js

@@ -10,7 +10,7 @@ import { existsSync } from 'fs';
 import { registerAdapter, } from './base.js';
 import { CliExecutor } from '../executor.js';
 import { GeminiEventDecoder } from '../decoders/index.js';
-import { buildSimpleHandoff, buildHandoffPrompt, selectRole, } from '../handoff.js';
+import { buildSimpleHandoff, buildHandoffPrompt, buildAdversarialHandoffPrompt, selectRole, } from '../handoff.js';
 // =============================================================================
 // CONFIGURATION
 // =============================================================================
@@ -56,8 +56,9 @@ export class GeminiAdapter {
         }
         try {
             const handoff = buildSimpleHandoff(request.workingDir, request.ccOutput, request.analyzedFiles, request.focusAreas, request.customPrompt);
-            const role = selectRole(request.focusAreas);
-            const prompt = buildHandoffPrompt({ handoff, role });
+            const prompt = request.reviewMode === 'adversarial'
+                ? buildAdversarialHandoffPrompt({ handoff })
+                : buildHandoffPrompt({ handoff, role: selectRole(request.focusAreas) });
             const result = await this.runCli(prompt, request.workingDir);
             if (result.exitCode !== 0) {
                 const error = this.categorizeError(result.stderr);
@@ -109,8 +110,11 @@ export class GeminiAdapter {
         const elapsed = Math.round((Date.now() - cliStartTime) / 1000);
         console.error(`[gemini] ✓ complete (${elapsed}s)`);
         const finalResponse = decoder.getFinalResponse();
+        if (!finalResponse && result.exitCode === 0) {
+            return { stdout: '', stderr: 'Gemini produced no output — review may have failed silently', exitCode: 1, truncated: false };
+        }
         return {
-            stdout: finalResponse || result.rawStdout,
+            stdout: finalResponse || '',
             stderr: result.stderr,
             exitCode: result.exitCode,
             truncated: result.truncated,
@@ -135,12 +139,12 @@ export class GeminiAdapter {
     categorizeError(stderr) {
         const lower = stderr.toLowerCase();
         if (lower.includes('rate limit') || lower.includes('quota')) {
-            return { type: 'rate_limit', message: 'Rate limit or quota exceeded' };
+            return { type: 'rate_limit', message: `Rate limit or quota exceeded: ${stderr.slice(0, 500)}` };
         }
         if (lower.includes('unauthorized') || lower.includes('authentication') || lower.includes('api key') || stderr.includes('401') || stderr.includes('403')) {
-            return { type: 'auth_error', message: 'Authentication failed', details: { stderr } };
+            return { type: 'auth_error', message: `Authentication failed: ${stderr.slice(0, 500)}`, details: { stderr } };
         }
-        return { type: 'cli_error', message: stderr || 'Unknown error' };
+        return { type: 'cli_error', message: stderr.slice(0, 500) || 'Unknown error' };
     }
     getSuggestion(error) {
         switch (error.type) {

package/dist/commands.js

@@ -18,6 +18,7 @@ const DEPRECATED_COMMANDS = [
     'ask-codex.md',
     'ask-gemini.md',
     'ask-multi.md',
+    'multi-review-adv.md',
 ];
 /**
  * Get source and target paths for command files

package/dist/handoff.d.ts

@@ -4,9 +4,10 @@
  * Defines the minimal, targeted information that should flow from CC to reviewers.
  *
  * Philosophy:
- * - Reviewers have filesystem + git access - don't duplicate what they can discover
+ * - Reviewers have filesystem access - don't duplicate what they can discover
  * - Pass ONLY what CC uniquely knows: uncertainties, decisions, questions
- * - Let reviewer use their tools (git diff, file reading) for actual code
+ * - Let reviewer use their tools (file reading) for actual code
+ * - Do NOT assume git — working directory may not be a git repo
  */
 import { z } from 'zod';
 import { FocusArea } from './types.js';
@@ -208,9 +209,19 @@ export declare const ARCHITECTURE_REVIEWER: ReviewerRole;
 export declare const CORRECTNESS_REVIEWER: ReviewerRole;
 export declare const ROLES: Record<string, ReviewerRole>;
 /**
- * Select the best role based on focus areas
+ * Select and compose roles based on focus areas.
+ *
+ * When multiple focus areas map to different roles (e.g. security + performance),
+ * composes them into a single role with merged prompts instead of picking one winner.
  */
 export declare function selectRole(focusAreas?: FocusArea[]): ReviewerRole;
+export declare const ADVERSARIAL_REVIEWER: ReviewerRole;
+/**
+ * Build an adversarial handoff prompt with challenge-mode stance sections.
+ * Same structure as buildHandoffPrompt but adds adversarial XML sections
+ * and uses the ADVERSARIAL_REVIEWER role.
+ */
+export declare function buildAdversarialHandoffPrompt(options: PromptOptions): string;
 export interface PromptOptions {
     handoff: Handoff;
     role?: ReviewerRole;
@@ -221,7 +232,30 @@ export interface PromptOptions {
  */
 export declare function buildHandoffPrompt(options: PromptOptions): string;
 /**
- * Build a handoff from legacy simple inputs
+ * Parse structured ccOutput into Handoff fields.
+ *
+ * The slash commands tell CC to format its output as:
+ *   SUMMARY:
+ *   <text>
+ *
+ *   UNCERTAINTIES (verify these):
+ *   1. <text>
+ *
+ *   QUESTIONS:
+ *   1. <text>
+ *
+ *   PRIORITY FILES:
+ *   - <file>
+ *
+ * If no sections detected, returns { summary: ccOutput } (graceful fallback).
+ */
+export declare function parseStructuredCcOutput(ccOutput: string): Pick<Handoff, 'summary'> & Partial<Handoff>;
+/**
+ * Build a handoff from MCP tool inputs.
+ *
+ * Parses structured sections (SUMMARY, UNCERTAINTIES, QUESTIONS, PRIORITY FILES)
+ * from ccOutput when present, populating typed Handoff fields so reviewers
+ * receive machine-usable context instead of a single summary blob.
  */
 export declare function buildSimpleHandoff(workingDir: string, ccOutput: string, analyzedFiles?: string[], focusAreas?: string[], customPrompt?: string): Handoff;
 /**

package/dist/handoff.js

@@ -4,9 +4,10 @@
  * Defines the minimal, targeted information that should flow from CC to reviewers.
  *
  * Philosophy:
- * - Reviewers have filesystem + git access - don't duplicate what they can discover
+ * - Reviewers have filesystem access - don't duplicate what they can discover
  * - Pass ONLY what CC uniquely knows: uncertainties, decisions, questions
- * - Let reviewer use their tools (git diff, file reading) for actual code
+ * - Let reviewer use their tools (file reading) for actual code
+ * - Do NOT assume git — working directory may not be a git repo
  */
 import { z } from 'zod';
 // =============================================================================
@@ -87,7 +88,7 @@ export const CHANGE_FOCUSED_REVIEWER = {
     isGeneric: true,
     applicableFocusAreas: [],
     systemPrompt: `Change reviewer. Focus on: goal achievement, regressions, edge cases, side effects.
-Reference specific lines in the diff.`,
+Reference specific lines in the source files.`,
 };
 /**
  * Specialized roles - when specific focus is requested
@@ -126,7 +127,8 @@ export const CORRECTNESS_REVIEWER = {
     isGeneric: false,
     applicableFocusAreas: ['correctness', 'testing'],
     systemPrompt: `Correctness analyst. Focus on logic errors, edge cases, race conditions, error handling.
-Provide triggering inputs and expected vs actual behavior.`,
+Provide triggering inputs and expected vs actual behavior.
+For significant bugs, suggest a concrete regression test (name, inputs, expected output).`,
 };
 // All roles indexed by ID
 export const ROLES = {
@@ -138,21 +140,209 @@ export const ROLES = {
     correctness: CORRECTNESS_REVIEWER,
 };
 /**
- * Select the best role based on focus areas
+ * Select and compose roles based on focus areas.
+ *
+ * When multiple focus areas map to different roles (e.g. security + performance),
+ * composes them into a single role with merged prompts instead of picking one winner.
  */
 export function selectRole(focusAreas) {
     if (!focusAreas || focusAreas.length === 0) {
         return COMPREHENSIVE_REVIEWER;
     }
+    // Collect all unique matching roles (preserving insertion order)
+    const matched = new Map();
     for (const focus of focusAreas) {
         for (const role of Object.values(ROLES)) {
             if (!role.isGeneric && role.applicableFocusAreas.includes(focus)) {
-                return role;
+                matched.set(role.id, role);
             }
         }
     }
-    return CHANGE_FOCUSED_REVIEWER;
+    if (matched.size === 0)
+        return CHANGE_FOCUSED_REVIEWER;
+    if (matched.size === 1)
+        return [...matched.values()][0];
+    // Compose multiple roles into one
+    const roles = [...matched.values()];
+    return {
+        id: roles.map(r => r.id).join('+'),
+        name: roles.map(r => r.name).join(' + '),
+        description: roles.map(r => r.description).join('; '),
+        isGeneric: false,
+        applicableFocusAreas: focusAreas,
+        systemPrompt: roles.map(r => `**As ${r.name}:** ${r.systemPrompt}`).join('\n'),
+    };
 }
+// =============================================================================
+// ADVERSARIAL REVIEWER — Challenge mode for multi_review
+// =============================================================================
+export const ADVERSARIAL_REVIEWER = {
+    id: 'adversarial',
+    name: 'Adversarial Reviewer',
+    description: 'Actively tries to break confidence in the change — challenges assumptions, not just bugs',
+    isGeneric: false,
+    applicableFocusAreas: [],
+    systemPrompt: `Senior staff engineer performing an adversarial review. Your job is to break confidence in the change, not to validate it.`,
+};
+/**
+ * Build an adversarial handoff prompt with challenge-mode stance sections.
+ * Same structure as buildHandoffPrompt but adds adversarial XML sections
+ * and uses the ADVERSARIAL_REVIEWER role.
+ */
+export function buildAdversarialHandoffPrompt(options) {
+    const { handoff } = options;
+    const role = ADVERSARIAL_REVIEWER;
+    const sections = [];
+    // SECTION 1: ROLE
+    sections.push(`# ROLE: ${role.name}\n\n${role.systemPrompt}`);
+    // SECTION 2: ADVERSARIAL STANCE
+    sections.push(`## ADVERSARIAL STANCE
+
+<operating_stance>
+Default to skepticism. Assume the change can fail in subtle, high-cost,
+or user-visible ways until the evidence says otherwise. Do not give credit
+for good intent, partial fixes, or likely follow-up work.
+</operating_stance>
+
+<attack_surface>
+Prioritized failure categories:
+1. Auth/permissions bypass
+2. Data loss or corruption
+3. Rollback safety
+4. Race conditions / concurrency
+5. Empty-state / null / timeout handling
+6. Version skew / backwards compatibility
+7. Observability gaps (missing logs, metrics, alerts)
+</attack_surface>
+
+<review_method>
+Actively try to disprove the change. Look for violated invariants,
+missing guards, unhandled failure paths. If the user supplied a focus area,
+weight it heavily, but still report any other material issue you can defend.
+</review_method>
+
+<finding_bar>
+Material findings only. Each must answer:
+1. What can go wrong?
+2. Why is this code path vulnerable?
+3. What is the likely impact?
+4. What concrete change would reduce the risk?
+</finding_bar>
+
+<calibration_rules>
+Prefer one strong finding over several weak ones. If you cannot defend
+a finding from the provided code, drop it.
+</calibration_rules>
+
+<grounding_rules>
+Be aggressive, but stay grounded. Every finding must be defensible from
+the repository context. No speculative findings. No "might be an issue"
+without concrete evidence from the code.
+</grounding_rules>`);
+    // SECTION 3: TASK (same as standard)
+    sections.push(`## YOUR TASK
+
+Review code in \`${handoff.workingDir}\`.
+
+**Summary:** ${handoff.summary}${handoff.confidence !== undefined && handoff.confidence < 0.9 ? `\n**CC Confidence:** ${Math.round(handoff.confidence * 100)}% — verify weak areas` : ''}
+
+**IMPORTANT:**
+- This is a READ-ONLY review. Do NOT create, modify, or delete any files. Only read files to verify claims.
+- Do NOT assume a git repository exists. Do NOT run git commands. Read files directly from the filesystem.`);
+    // SECTION 4: CC'S UNCERTAINTIES
+    if (handoff.uncertainties && handoff.uncertainties.length > 0) {
+        sections.push(`## CC'S UNCERTAINTIES
+
+${handoff.uncertainties.map((u, i) => `### ${i + 1}. ${u.topic} ${u.severity === 'critical' ? '⚠️' : ''}
+- **Question:** ${u.question}
+${u.ccAssumption ? `- **CC assumed:** ${u.ccAssumption}` : ''}
+${u.relevantFiles ? `- **Files:** ${u.relevantFiles.join(', ')}` : ''}`).join('\n\n')}`);
+    }
+    // SECTION 5: SPECIFIC QUESTIONS
+    if (handoff.questions && handoff.questions.length > 0) {
+        sections.push(`## QUESTIONS FROM CC
+
+${handoff.questions.map((q, i) => `${i + 1}. **${q.question}**
+   ${q.context ? `Context: ${q.context}` : ''}
+   ${q.ccGuess ? `CC Guess: ${q.ccGuess}` : ''}`).join('\n')}`);
+    }
+    // SECTION 6: DECISIONS TO EVALUATE
+    if (handoff.decisions && handoff.decisions.length > 0) {
+        sections.push(`## DECISIONS TO EVALUATE
+
+${handoff.decisions.map((d, i) => `${i + 1}. **${d.decision}**${d.rationale ? `\n   Rationale: ${d.rationale}` : ''}${d.alternatives ? `\n   Alternatives: ${d.alternatives.join(', ')}` : ''}`).join('\n')}`);
+    }
+    // SECTION 7: FOCUS AREAS
+    if (handoff.focusAreas && handoff.focusAreas.length > 0) {
+        sections.push(`## FOCUS AREAS\n\nWeight these areas heavily in your adversarial analysis:\n${handoff.focusAreas.map(f => `- **${f}**`).join('\n')}`);
+    }
+    // SECTION 8: PRIORITY FILES
+    if (handoff.priorityFiles && handoff.priorityFiles.length > 0) {
+        sections.push(`## PRIORITY FILES\n\n${handoff.priorityFiles.map(f => `- \`${f}\``).join('\n')}`);
+    }
+    // SECTION 9: ADVERSARIAL FOCUS (customInstructions steers the challenge)
+    if (handoff.customInstructions) {
+        sections.push(`## ADVERSARIAL FOCUS\n\n${handoff.customInstructions}`);
+    }
+    return sections.join('\n\n');
+}
+// =============================================================================
+// FOCUS-AREA CHECKLISTS — Specific patterns to look for (ported from prompt-v2)
+// =============================================================================
+const FOCUS_CHECKLISTS = {
+    security: `Check for:
+- Injection vulnerabilities (SQL, NoSQL, Command, XSS)
+- Auth/authorization bypass, session management flaws
+- Sensitive data exposure, insecure storage, missing encryption
+- Input validation gaps (type, range, format)
+- Path traversal, SSRF, unsafe deserialization
+For each: CWE ID if applicable, attack scenario, severity by impact + exploitability.`,
+    performance: `Check for:
+- Algorithmic complexity (provide Big-O notation)
+- N+1 queries, missing indexes, unoptimized queries
+- Blocking I/O in async contexts
+- Memory leaks, unbounded allocations, large object retention
+- Missing caching/memoization, repeated expensive operations
+For each: Big-O analysis, estimated impact, concrete optimization.`,
+    architecture: `Check for:
+- SOLID violations (SRP, OCP, LSP, ISP, DIP)
+- High coupling between modules, low cohesion within
+- Layering violations, circular dependencies
+- Anti-patterns (god classes, deep nesting, magic numbers, leaky abstractions)
+- Missing or misused design patterns
+For each: specific principle violated, refactoring suggestion, maintainability impact.`,
+    correctness: `Check for:
+- Off-by-one errors, incorrect conditionals, wrong operators
+- Null/undefined handling, empty collections, boundary conditions
+- Race conditions, deadlock potential, state inconsistency
+- Uncaught exceptions, silent failures, incorrect error propagation
+For each: triggering input, expected vs actual behavior.
+For significant bugs: suggest a concrete regression test.`,
+    testing: `Check for:
+- Missing test coverage for changed code paths
+- Tests that pass for wrong reasons (tautologies, mocked-away logic)
+- Non-deterministic tests (timing, ordering, randomness)
+- Missing edge case tests (null, empty, boundary, error paths)
+For significant gaps: suggest a concrete test (name, inputs, expected output).`,
+    scalability: `Check for:
+- Algorithmic complexity that degrades at scale (provide Big-O)
+- Unbounded growth (queues, caches, in-memory collections)
+- Missing pagination, rate limiting, or backpressure
+- Single points of contention (locks, shared state, single-threaded bottlenecks)
+For each: estimated impact at 10x/100x current load.`,
+    maintainability: `Check for:
+- God classes, deep nesting (>3 levels), magic numbers
+- Tight coupling between modules, leaky abstractions
+- Code duplication that should be extracted
+- Missing or misleading comments on non-obvious logic
+For each: specific refactoring suggestion with rationale.`,
+    documentation: `Check for:
+- Public API functions missing doc comments
+- Outdated or misleading comments that contradict the code
+- Missing README updates for changed behavior
+- Undocumented configuration, environment variables, or flags
+For each: what specifically should be documented and where.`,
+};
 /**
  * Build the review prompt using minimal, targeted context.
  * No output format constraints — reviewer responds naturally, CC interprets.
@@ -163,15 +353,27 @@ export function buildHandoffPrompt(options) {
     const sections = [];
     // SECTION 1: ROLE
     sections.push(`# ROLE: ${role.name}\n\n${role.systemPrompt}`);
-    // SECTION 2: TASK
+    // SECTION 2: REVIEW CHECKLIST (focus-area-specific patterns to look for)
+    const focusAreas = handoff.focusAreas;
+    if (focusAreas && focusAreas.length > 0) {
+        const checklists = focusAreas
+            .map(f => FOCUS_CHECKLISTS[f])
+            .filter((c) => !!c);
+        if (checklists.length > 0) {
+            sections.push(`## REVIEW CHECKLIST\n\n${checklists.join('\n\n')}`);
+        }
+    }
+    // SECTION 3: TASK
     sections.push(`## YOUR TASK
 
-Review recent work in \`${handoff.workingDir}\`.
+Review code in \`${handoff.workingDir}\`.
 
 **Summary:** ${handoff.summary}${handoff.confidence !== undefined && handoff.confidence < 0.9 ? `\n**CC Confidence:** ${Math.round(handoff.confidence * 100)}% — verify weak areas` : ''}
 
-**IMPORTANT: This is a READ-ONLY review. Do NOT create, modify, or delete any files. Only read files to verify claims.**`);
-    // SECTION 3: CC'S UNCERTAINTIES
+**IMPORTANT:**
+- This is a READ-ONLY review. Do NOT create, modify, or delete any files. Only read files to verify claims.
+- Do NOT assume a git repository exists. Do NOT run git commands. Read files directly from the filesystem.`);
+    // SECTION 4: CC'S UNCERTAINTIES
     if (handoff.uncertainties && handoff.uncertainties.length > 0) {
         sections.push(`## CC'S UNCERTAINTIES
 
@@ -180,7 +382,7 @@ ${handoff.uncertainties.map((u, i) => `### ${i + 1}. ${u.topic} ${u.severity ===
 ${u.ccAssumption ? `- **CC assumed:** ${u.ccAssumption}` : ''}
 ${u.relevantFiles ? `- **Files:** ${u.relevantFiles.join(', ')}` : ''}`).join('\n\n')}`);
     }
-    // SECTION 4: SPECIFIC QUESTIONS
+    // SECTION 5: SPECIFIC QUESTIONS
     if (handoff.questions && handoff.questions.length > 0) {
         sections.push(`## QUESTIONS FROM CC
 
@@ -188,35 +390,184 @@ ${handoff.questions.map((q, i) => `${i + 1}. **${q.question}**
    ${q.context ? `Context: ${q.context}` : ''}
    ${q.ccGuess ? `CC Guess: ${q.ccGuess}` : ''}`).join('\n')}`);
     }
-    // SECTION 5: DECISIONS TO EVALUATE
+    // SECTION 6: DECISIONS TO EVALUATE
     if (handoff.decisions && handoff.decisions.length > 0) {
         sections.push(`## DECISIONS TO EVALUATE
 
-${handoff.decisions.map((d, i) => `${i + 1}. **${d.decision}**
-   Rationale: ${d.rationale}
-   ${d.alternatives ? `Alternatives: ${d.alternatives.join(', ')}` : ''}`).join('\n')}`);
+${handoff.decisions.map((d, i) => `${i + 1}. **${d.decision}**${d.rationale ? `\n   Rationale: ${d.rationale}` : ''}${d.alternatives ? `\n   Alternatives: ${d.alternatives.join(', ')}` : ''}`).join('\n')}`);
     }
-    // SECTION 6: PRIORITY FILES
+    // SECTION 7: PRIORITY FILES
     if (handoff.priorityFiles && handoff.priorityFiles.length > 0) {
         sections.push(`## PRIORITY FILES\n\n${handoff.priorityFiles.map(f => `- \`${f}\``).join('\n')}`);
     }
+    // SECTION 8: CUSTOM INSTRUCTIONS
+    if (handoff.customInstructions) {
+        sections.push(`## ADDITIONAL INSTRUCTIONS\n\n${handoff.customInstructions}`);
+    }
     return sections.join('\n\n');
 }
 // =============================================================================
-// HELPER: Build handoff from simple inputs (backwards compatibility)
+// STRUCTURED ccOutput PARSER
 // =============================================================================
 /**
- * Build a handoff from legacy simple inputs
+ * Parse structured ccOutput into Handoff fields.
+ *
+ * The slash commands tell CC to format its output as:
+ *   SUMMARY:
+ *   <text>
+ *
+ *   UNCERTAINTIES (verify these):
+ *   1. <text>
+ *
+ *   QUESTIONS:
+ *   1. <text>
+ *
+ *   PRIORITY FILES:
+ *   - <file>
+ *
+ * If no sections detected, returns { summary: ccOutput } (graceful fallback).
+ */
+export function parseStructuredCcOutput(ccOutput) {
+    // Quick check: does it look structured? Case-SENSITIVE to avoid matching
+    // prose like "Summary: I think..." — slash commands produce ALL-CAPS headers.
+    if (!/^SUMMARY[^:\n]*:/m.test(ccOutput)) {
+        return { summary: ccOutput };
+    }
+    // Known section headers — case-SENSITIVE (ALL-CAPS only) to prevent
+    // header injection from natural prose starting with "Questions:" etc.
+    const KNOWN_HEADERS = ['SUMMARY', 'UNCERTAINTIES', 'QUESTIONS', 'PRIORITY FILES', 'DECISIONS'];
+    const headerPattern = new RegExp(`^(${KNOWN_HEADERS.join('|')})[^:\\n]*:`, 'gm' // no 'i' flag — case-sensitive
+    );
+    // Find all header positions
+    const headers = [];
+    let match;
+    while ((match = headerPattern.exec(ccOutput)) !== null) {
+        const raw = match[1].trim();
+        const name = KNOWN_HEADERS.find(h => raw.startsWith(h)) || raw;
+        headers.push({ name, contentStart: match.index + match[0].length });
+    }
+    if (headers.length === 0) {
+        return { summary: ccOutput };
+    }
+    // Extract content between headers
+    const sections = new Map();
+    for (let i = 0; i < headers.length; i++) {
+        const start = headers[i].contentStart;
+        const end = i + 1 < headers.length
+            ? ccOutput.lastIndexOf('\n', headers[i + 1].contentStart - headers[i + 1].name.length - 1)
+            : ccOutput.length;
+        sections.set(headers[i].name, ccOutput.slice(start, end).trim());
+    }
+    const rawSummary = sections.get('SUMMARY');
+    const result = {
+        summary: rawSummary && rawSummary.length > 0 ? rawSummary : ccOutput,
+    };
+    // Parse uncertainties (numbered or bulleted list)
+    const uncertText = sections.get('UNCERTAINTIES');
+    if (uncertText) {
+        const items = parseListItems(uncertText);
+        if (items.length > 0) {
+            result.uncertainties = items.map(item => ({
+                topic: extractTopic(item),
+                question: item,
+            }));
+        }
+    }
+    // Parse questions (numbered or bulleted list)
+    const questionsText = sections.get('QUESTIONS');
+    if (questionsText) {
+        const items = parseListItems(questionsText);
+        if (items.length > 0) {
+            result.questions = items.map(item => ({ question: item }));
+        }
+    }
+    // Parse priority files (bullet or numbered list)
+    const filesText = sections.get('PRIORITY FILES');
+    if (filesText) {
+        const items = parseListItems(filesText);
+        if (items.length > 0) {
+            result.priorityFiles = items;
+        }
+    }
+    // Parse decisions (numbered or bulleted list)
+    const decisionsText = sections.get('DECISIONS');
+    if (decisionsText) {
+        const items = parseListItems(decisionsText);
+        if (items.length > 0) {
+            result.decisions = items.map(item => ({ decision: item, rationale: '' }));
+        }
+    }
+    return result;
+}
+/**
+ * Extract a short topic from an item — uses first sentence/clause up to 60 chars.
+ * Avoids redundant rendering where topic === question.
+ */
+function extractTopic(item) {
+    // Try first clause (up to first comma, period, dash, or question mark)
+    const clauseMatch = item.match(/^(.+?)[,.\-?]/);
+    const clause = clauseMatch ? clauseMatch[1].trim() : item;
+    if (clause.length <= 60)
+        return clause;
+    return clause.slice(0, 57) + '...';
+}
+/**
+ * Parse a list section that may use numbered ("1. foo") or bulleted ("- foo") format.
+ * Supports multi-line continuation for both styles.
+ */
+function parseListItems(text) {
+    const items = [];
+    let current = '';
+    for (const line of text.split('\n')) {
+        // Match numbered: "1. foo", "2) bar"
+        const numbered = line.match(/^\d+[.)]\s+(.+)/);
+        // Match bulleted: "- foo", "* bar"
+        const bulleted = line.match(/^[-*]\s+(.+)/);
+        if (numbered || bulleted) {
+            if (current)
+                items.push(current.trim());
+            current = (numbered || bulleted)[1];
+        }
+        else if (current && line.trim()) {
+            // Continuation line for multi-line items
+            current += ' ' + line.trim();
+        }
+    }
+    if (current)
+        items.push(current.trim());
+    return items;
+}
+// =============================================================================
+// HELPER: Build handoff from simple inputs
+// =============================================================================
+/**
+ * Build a handoff from MCP tool inputs.
+ *
+ * Parses structured sections (SUMMARY, UNCERTAINTIES, QUESTIONS, PRIORITY FILES)
+ * from ccOutput when present, populating typed Handoff fields so reviewers
+ * receive machine-usable context instead of a single summary blob.
  */
 export function buildSimpleHandoff(workingDir, ccOutput, analyzedFiles, focusAreas, customPrompt) {
+    const parsed = parseStructuredCcOutput(ccOutput);
+    // Merge analyzedFiles with any priority files parsed from ccOutput (dedup)
+    const mergedFiles = dedupStrings([
+        ...(parsed.priorityFiles || []),
+        ...(analyzedFiles || []),
+    ]);
     return {
         workingDir,
-        summary: ccOutput,
-        priorityFiles: analyzedFiles,
+        summary: parsed.summary,
+        uncertainties: parsed.uncertainties,
+        questions: parsed.questions,
+        decisions: parsed.decisions,
+        priorityFiles: mergedFiles.length > 0 ? mergedFiles : undefined,
         focusAreas,
         customInstructions: customPrompt,
     };
 }
+function dedupStrings(arr) {
+    return [...new Set(arr)];
+}
 /**
  * Enhance a simple handoff with uncertainties/questions
  * CC should call this to add its specific concerns

package/dist/prompt.js

@@ -101,6 +101,7 @@ ${request.customPrompt}`);
 CONSTRAINTS:
 • You have filesystem access - READ files to verify claims
 • Do NOT modify any files (advisory mode only)
+• Do NOT assume a git repository exists - do NOT run git commands
 • Reference specific file:line when making claims
 • Do NOT hallucinate file paths - verify they exist
 • Be skeptical - verify before agreeing with CC's findings`);

package/dist/tools/feedback.js

@@ -92,24 +92,38 @@ export async function handleMultiReview(input) {
     if (availableAdapters.length === 0) {
         return { content: [{ type: 'text', text: '❌ No AI CLIs found.\n\nInstall at least one:\n  - Codex: npm install -g @openai/codex-cli\n  - Gemini: npm install -g @google/gemini-cli' }] };
     }
-    const results = await Promise.all(availableAdapters.map(async (adapter) => {
-        const result = await adapter.runReview({ ...request });
-        return { adapter, result };
-    }));
-    const lines = [];
+    // Spawn 2 reviews per adapter: standard + adversarial (all in parallel)
+    // customPrompt steers the adversarial focus only — strip it from standard pass to avoid bias
+    const { customPrompt, ...standardRequest } = request;
+    const reviewPromises = availableAdapters.flatMap((adapter) => [
+        adapter.runReview({ ...standardRequest }).then(result => ({ adapter, result, mode: 'standard' })),
+        adapter.runReview({ ...request, reviewMode: 'adversarial' }).then(result => ({ adapter, result, mode: 'adversarial' })),
+    ]);
+    const results = await Promise.all(reviewPromises);
+    const standardResults = results.filter(r => r.mode === 'standard');
+    const adversarialResults = results.filter(r => r.mode === 'adversarial');
     const allFailed = results.every(r => !r.result.success);
     const someFailed = results.some(r => !r.result.success);
+    const lines = [];
     if (allFailed)
         lines.push('## Multi-Model Review ❌ All Failed\n');
     else if (someFailed)
         lines.push('## Multi-Model Review ⚠️ Partial Success\n');
     else
         lines.push('## Multi-Model Review ✓\n');
-    lines.push(`**Models:** ${availableAdapters.map(a => a.id).join(', ')}\n`);
-    for (const { adapter, result } of results) {
+    lines.push(`**Models:** ${availableAdapters.map(a => a.id).join(', ')} (standard + adversarial)\n`);
+    // Standard section
+    lines.push('## Standard Review Findings\n');
+    for (const { adapter, result } of standardResults) {
         lines.push(formatResult(result, adapter.getCapabilities().name));
         lines.push('');
     }
+    // Adversarial section
+    lines.push('## Challenge Review Findings\n');
+    for (const { adapter, result } of adversarialResults) {
+        lines.push(formatResult(result, `${adapter.getCapabilities().name} (Adversarial)`));
+        lines.push('');
+    }
     return { content: [{ type: 'text', text: lines.join('\n') }] };
 }
 // =============================================================================
@@ -168,7 +182,7 @@ export const TOOL_DEFINITIONS = {
     },
     multi_review: {
         name: 'multi_review',
-        description: "ONLY use when user explicitly requests '/multi-review' or 'review with all models'. Get parallel second-opinions from Codex, Gemini, and a fresh Claude (Opus) instance. Returns combined reviews for synthesis. DO NOT use for general 'review' requests.",
+        description: "ONLY use when user explicitly requests '/multi-review' or 'review with all models'. Runs parallel standard AND adversarial reviews from all available models. Each model reviews twice: standard (bugs/issues) + adversarial (challenge assumptions/design decisions). Use customPrompt to steer the adversarial focus. DO NOT use for general 'review' requests.",
         inputSchema: {
             type: 'object',
             properties: {
@@ -177,7 +191,7 @@ export const TOOL_DEFINITIONS = {
                 outputType: { type: 'string', enum: ['plan', 'findings', 'analysis', 'proposal'], description: 'Type of output being reviewed' },
                 analyzedFiles: { type: 'array', items: { type: 'string' }, description: 'File paths that CC analyzed' },
                 focusAreas: { type: 'array', items: { type: 'string', enum: ['security', 'performance', 'architecture', 'correctness', 'maintainability', 'scalability', 'testing', 'documentation'] }, description: 'Areas to focus the review on' },
-                customPrompt: { type: 'string', description: 'Custom instructions for the reviewer' },
+                customPrompt: { type: 'string', description: 'Custom instructions for standard review + adversarial focus steering' },
                 serviceTier: { type: 'string', enum: ['default', 'fast', 'flex'], description: 'Codex service tier (fast = priority processing, flex = cheaper/slower). Only applies to Codex.' }
             },
             required: ['workingDir', 'ccOutput', 'outputType']

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-reviewer",
-  "version": "4.0.0",
+  "version": "5.1.0",
   "description": "MCP server for Claude Code - Get second-opinion feedback from Codex/Gemini CLIs",
   "type": "module",
   "main": "dist/index.js",