[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-80416":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":12,"openIssues":13,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":13,"stars7d":13,"stars30d":13,"stars90d":13,"forks30d":13,"starsTrendScore":13,"compositeScore":14,"rankGlobal":10,"rankLanguage":10,"license":15,"archived":16,"fork":16,"defaultBranch":17,"hasWiki":18,"hasPages":18,"topics":19,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":13,"starSnapshotCount":13,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},80416,"codebase-argus","AaronZ345\u002Fcodebase-argus","AaronZ345","Multi-agent codebase review for PRs, CI, and downstream fork syncs.","https:\u002F\u002Faaronz345.github.io\u002Fcodebase-argus\u002F",null,"TypeScript",57,0,40,"MIT License",false,"main",true,[20,21,22,23,24,25,26,27,28,29,30,31,32,33,34],"agent-skills","ai-agents","ci","claude-code","claude-code-plugin","code-review","codex","developer-tools","fork-sync","github-actions","github-app","multi-agent","openclaw","pull-request","skill-md","2026-06-12 04:01:28","# Codebase Argus\n\n\u003Cp align=\"center\">\n  \u003Cstrong>Multi-agent PR review and downstream fork-sync risk analysis for maintainers.\u003C\u002Fstrong>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Faaronz345.github.io\u002Fcodebase-argus\u002F\">Live demo\u003C\u002Fa>\n  ·\n  \u003Ca href=\"#cli\">CLI\u003C\u002Fa>\n  ·\n  \u003Ca href=\"#github-app\">GitHub App\u003C\u002Fa>\n  ·\n  \u003Ca href=\"#agent-playbook\">Agent Playbook\u003C\u002Fa>\n  ·\n  \u003Ca href=\"#skill-registries\">Skill Registries\u003C\u002Fa>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cimg alt=\"Next.js 16\" src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FNext.js-16-black?style=flat-square\">\n  \u003Cimg alt=\"TypeScript\" src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTypeScript-5-3178c6?style=flat-square\">\n  \u003Cimg alt=\"Vitest\" src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FVitest-tested-6e9f18?style=flat-square\">\n  \u003Cimg alt=\"GitHub App\" src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FGitHub%20App-webhook-24292f?style=flat-square\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"docs\u002Fassets\u002Fcodebase-argus-home.png\" alt=\"Codebase Argus dashboard showing PR, CI, and downstream fork-sync review workflows\">\n\u003C\u002Fp>\n\nCodebase Argus gives maintainers a review desk for codebase evidence. It reviews\npull requests, failing CI logs, and long-lived fork syncs with the same set of\nsignals: patches, checks, files, branch state, policy gates, provider consensus,\nand local git simulations.\n\nUse it when a single reviewer is not enough, but a fully automatic merge bot is\ntoo risky. Argus can ask one model, several models, or local AI CLIs to review\nthe same evidence, then keeps every finding tied to something a maintainer can\ncheck.\n\n## At a glance\n\n| Workflow | Input | Output |\n| --- | --- | --- |\n| PR review | `owner\u002Frepo#123` or a GitHub PR URL | risk summary, findings, inline-ready comments |\n| CI review | local log file or failing GitHub Actions jobs | likely root cause, affected command, fix path |\n| Autofix plan | PR review findings | gated branch plan for mechanical fixes |\n| Downstream fork sync | upstream repo + fork repo | ahead\u002Fbehind, conflict notes, rebase\u002Fmerge risk |\n| Agent handoff | dashboard or CLI report | task package with commands and acceptance gates |\n\n## Common workflows\n\n### Review a risky PR with multiple agents\n\n```bash\nnpm run argus -- review owner\u002Frepo#123 --tribunal openai-api,claude-cli,codex-cli\n```\n\nArgus fetches the PR metadata, changed files, checks, reviews, commits, and\npatch excerpts, then asks every configured reviewer to look at the same context.\nMatching findings are grouped so agreement is visible; provider failures stay in\nthe report instead of disappearing.\n\n### Debug failing GitHub Actions logs\n\n```bash\nGITHUB_TOKEN=... npm run argus -- ci-github owner\u002Frepo#123 --provider codex-cli\n```\n\nThe CI lane pulls failing job logs from GitHub Actions and asks for the first\nfailing command, likely root cause, affected files, and the smallest fix path.\n\n### Check whether a fork can safely rebase\n\n```bash\nnpm run argus -- downstream owner\u002Fupstream me\u002Ffork --fork-branch feature\u002Fdemo --tribunal codex-cli,claude-cli,gemini-cli\n```\n\nThe downstream lane compares the fork with upstream, projects merge conflicts\nwith `git merge-tree`, simulates a rebase in a temporary worktree, checks\npatch-equivalent commits with `git cherry`, and summarizes semantic movement\nwith `git range-diff`.\n\n## Quick start\n\n```bash\nnpm install\nnpm run dev\n```\n\nOpen \u003Chttp:\u002F\u002Flocalhost:3000>.\n\nFor command-line review:\n\n```bash\nnpm run argus -- review owner\u002Frepo#123\nnpm run argus -- ci-github owner\u002Frepo#123\nnpm run argus -- downstream owner\u002Fupstream me\u002Ffork\n```\n\nPublic GitHub repositories work from the hosted demo. Private repositories,\nserver-side AI providers, GitHub App webhooks, local git analysis, and CLI agent\nreview belong in a local or deployed server environment.\n\n## Core capabilities\n\n### Pull request review\n\nCodebase Argus fetches the PR shape that maintainers usually need before\ntrusting a review:\n\n- metadata, labels, author, branch refs, and mergeability;\n- changed files, patch excerpts, commits, and prior reviews;\n- check status and GitHub Actions run metadata;\n- policy rules from `.codebase-argus.yml`;\n- stacked PR signals and merge-queue states.\n\nThe deterministic reviewer looks for failing checks, source changes without\ntests, workflow edits, dependency changes, sensitive paths, policy violations,\nlarge diffs, stacked PR bases, and blocked\u002Fdirty\u002Fbehind\u002Funstable merge states.\n\n### Multi-agent review and tribunal\n\nThe same upstream or downstream evidence package can go to one provider or\nseveral providers:\n\n| Provider | Mode |\n| --- | --- |\n| `openai-api` | API |\n| `anthropic-api` | API |\n| `gemini-api` | API |\n| `codex-cli` | local CLI |\n| `claude-cli` | local CLI |\n| `gemini-cli` | local CLI |\n\nTribunal mode runs multiple reviewers against the same PR, CI log, or fork sync\ncontext. It groups matching findings, raises confidence when providers agree,\nand keeps provider failures in the report.\n\n### CI failures\n\nUse `ci-log` for a local file, or `ci-github` for failing GitHub Actions jobs on\na PR. Webhook mode can include failing Actions logs in the automatic PR review.\n\n### Autofix planning\n\n`autofix-plan` turns high-confidence, mechanical findings into a branch plan. It\ncovers narrow lanes such as npm lockfile refreshes, snapshot updates, and\nformatter or linter fixes. The output includes commands, verification gates, and\npush instructions for the maintainer or agent working in a real checkout.\n\n### Downstream fork sync\n\nThe fork workflow compares an upstream repository and a long-lived fork. Local\nanalysis runs git in `.cache\u002Frepos` and temporary worktrees, then reports:\n\n- projected merge conflicts from `git merge-tree`;\n- rebase simulation in a temporary worktree;\n- patch-equivalent commits from `git cherry`;\n- semantic movement from `git range-diff`;\n- fork-ahead commits already covered upstream;\n- agent-safe merge\u002Frebase runbooks.\n\n## CLI\n\nThe CLI is the best entry point for scripts and coding agents.\n\n```bash\nnpm run argus -- --help\n```\n\n### PR review\n\n```bash\nnpm run argus -- review owner\u002Frepo#123\nnpm run argus -- review owner\u002Frepo#123 --policy .codebase-argus.yml\nnpm run argus -- review owner\u002Frepo#123 --provider openai-api --model gpt-4.1-mini\nnpm run argus -- review owner\u002Frepo#123 --tribunal openai-api,claude-cli,codex-cli\n```\n\n### CI review\n\n```bash\nnpm run argus -- ci-log logs\u002Ffailure.txt\nnpm run argus -- ci-log logs\u002Ffailure.txt --provider codex-cli\nGITHUB_TOKEN=... npm run argus -- ci-github owner\u002Frepo#123\n```\n\n### Autofix plan\n\n```bash\nnpm run argus -- autofix-plan owner\u002Frepo#123\n```\n\n### Downstream fork sync\n\n```bash\nnpm run argus -- downstream owner\u002Fupstream me\u002Ffork\nnpm run argus -- downstream owner\u002Fupstream me\u002Ffork --upstream-branch main --fork-branch feature\u002Fdemo\nnpm run argus -- downstream owner\u002Fupstream me\u002Ffork --fork-branch feature\u002Fdemo --provider codex-cli\n```\n\n### Sync planning\n\n```bash\nnpm run argus -- sync owner\u002Fupstream me\u002Ffork --mode merge --fork-branch feature\u002Fdemo --test \"npm test\"\nnpm run argus -- sync owner\u002Fupstream me\u002Ffork --mode rebase --fork-branch feature\u002Fdemo --execute --push --create-pr\n```\n\nOutput defaults to markdown. Use `--format json` for tool integration.\n\nInstall the binary locally:\n\n```bash\nnpm link\ncodebase-argus review owner\u002Frepo#123\ncodebase-argus autofix-plan owner\u002Frepo#123\n```\n\n`downstream` is the primary fork-sync review command. `sync` is reserved for\nexplicit integration branches.\n\n## Policy file\n\nAdd `.codebase-argus.yml` when the repository has local review rules:\n\n```yaml\nrequiredChecks: passing\nmaxChangedFiles: 30\nmaxTotalDelta: 1200\nrequiredTestPatterns:\n  - .test.ts\nforbiddenWorkflowPatterns:\n  - pull_request_target\nsensitivePathPatterns:\n  - auth\n  - token\n  - webhook\n```\n\nPolicy failures become normal findings with concrete evidence.\n\n## GitHub App\n\nDeploy the Next.js server and point a GitHub App webhook at:\n\n```text\nPOST https:\u002F\u002Fyour-host.example.com\u002Fapi\u002Fgithub\u002Fwebhook\n```\n\nThe server also emits a GitHub App manifest:\n\n```text\nGET https:\u002F\u002Fyour-host.example.com\u002Fapi\u002Fgithub\u002Fapp-manifest\n```\n\nRecommended repository permissions:\n\n| Permission | Access |\n| --- | --- |\n| Pull requests | Read and write |\n| Issues | Read and write |\n| Contents | Read |\n| Checks | Read |\n| Actions | Read |\n| Metadata | Read |\n\nRequired webhook events:\n\n- `pull_request`\n- `issue_comment`\n\nServer environment:\n\n```bash\nGITHUB_WEBHOOK_SECRET=...\nGITHUB_APP_ID=...\nGITHUB_APP_PRIVATE_KEY='\u003Cescaped-pem-private-key>'\n```\n\nBase64 private key storage is also supported:\n\n```bash\nGITHUB_APP_PRIVATE_KEY_BASE64=...\n```\n\nReview controls:\n\n```bash\nARGUS_WEBHOOK_PROVIDER=rule-based\nARGUS_WEBHOOK_PROVIDER=openai-api\nARGUS_WEBHOOK_MODEL=gpt-4.1-mini\nARGUS_WEBHOOK_TRIBUNAL=openai-api,claude-cli,codex-cli\nARGUS_WEBHOOK_INLINE_COMMENTS=true\nARGUS_WEBHOOK_INCLUDE_CI_LOGS=true\nARGUS_WEBHOOK_DRY_RUN=true\n```\n\nWebhook behavior:\n\n- verifies `X-Hub-Signature-256` before payload handling;\n- reviews `opened`, `reopened`, `ready_for_review`, and `synchronize` events;\n- skips draft PRs and PRs labeled `argus:paused`;\n- uses GitHub App installation tokens when app credentials are present;\n- posts GitHub PR reviews with event `COMMENT`;\n- anchors high-signal findings to changed patch lines when inline comments are enabled;\n- fetches failing GitHub Actions job logs when checks fail.\n\n### PR comment commands\n\n```text\n\u002Fargus help\n\u002Fargus review\n\u002Fargus ci\n\u002Fargus autofix\n\u002Fargus pause\n\u002Fargus resume\n```\n\n`\u002Fargus pause` applies the `argus:paused` label. `\u002Fargus resume` removes it.\n`\u002Fargus autofix` posts the same gated plan as the CLI.\n\n## AI provider setup\n\nSet credentials for the providers you plan to use:\n\n```bash\nOPENAI_API_KEY=...\nANTHROPIC_API_KEY=...\nGEMINI_API_KEY=...\n```\n\nOptional model overrides:\n\n```bash\nARGUS_OPENAI_API_MODEL=gpt-4.1-mini\nARGUS_ANTHROPIC_API_MODEL=claude-3-5-sonnet-20241022\nARGUS_GEMINI_API_MODEL=gemini-2.0-flash\n```\n\nLocal CLI providers expect authenticated commands:\n\n```bash\ncodex exec --help\nclaude --help\ngemini --help\n```\n\n## Agent playbook\n\nThe repository includes a portable agent playbook. It is not tied to Codex:\nOpenClaw, Codex, Claude Code, and other coding agents can all use the same\ninstructions.\n\n```text\nagent-playbooks\u002Fcodebase-argus\u002FPLAYBOOK.md   # portable OpenClaw \u002F Codex \u002F Claude Code playbook\nskills\u002Fcodebase-argus\u002FSKILL.md               # ClawHub\u002FOpenClaw-compatible skill entrypoint\n```\n\nRecommended setup:\n\n- OpenClaw: add `agent-playbooks\u002Fcodebase-argus\u002FPLAYBOOK.md` to the agent or\n  project instructions, or install the skill from `skills\u002Fcodebase-argus\u002F`.\n- Codex: either read the portable playbook directly or install the skill\n  from `skills\u002Fcodebase-argus\u002F`.\n- Claude Code: install the plugin marketplace from this repository:\n\n  ```text\n  \u002Fplugin marketplace add AaronZ345\u002Fcodebase-argus\n  \u002Fplugin install codebase-argus@codebase-argus\n  ```\n\n  Or copy the playbook into `.claude\u002Fskills\u002Fcodebase-argus\u002FSKILL.md` for a\n  project-local skill.\n\n## Skill registries\n\nCodebase Argus is packaged for open `SKILL.md` registries and agent-specific\ninstall surfaces:\n\n- Claude Code plugin marketplace: `AaronZ345\u002Fcodebase-argus`\n- ClawHub\u002FOpenClaw skill folder: `skills\u002Fcodebase-argus`\n- Codex\u002FOpenAI-compatible Agent Skills folder: `skills\u002Fcodebase-argus`\n- SkillsMD public registry repository: `AaronZ345\u002Fcodebase-argus`\n\nClawHub publish command:\n\n```bash\nclawhub skill publish skills\u002Fcodebase-argus \\\n  --slug codebase-argus \\\n  --name \"Codebase Argus\" \\\n  --version 0.1.0 \\\n  --tags latest,code-review,pull-request,ci,multi-agent,fork-sync\n```\n\nSkillsMD submission payload:\n\n```json\n{\n  \"repo\": \"AaronZ345\u002Fcodebase-argus\",\n  \"name\": \"codebase-argus\",\n  \"description\": \"Multi-agent PR, CI, and downstream fork-sync review desk for coding agents.\"\n}\n```\n\nThe playbook directs agents to use the CLI first, keep tokens out of logs, run\nmulti-provider review before risky downstream integration, and ask for explicit\nauthorization before approve, merge, rebase, push, PR creation, or GitHub\ncomments.\n\n## Write model\n\nCodebase Argus keeps write operations narrow:\n\n| Surface | Write behavior |\n| --- | --- |\n| Hosted demo | Read-only browser inspection |\n| Local CLI review | Markdown or JSON output |\n| GitHub App review | `COMMENT` PR reviews |\n| PR commands | Review, CI review, autofix plan, pause, resume |\n| Sync command | Dry-run by default; `--execute`, `--push`, and `--create-pr` are explicit gates |\n| Generated Actions workflow | Uses `pull_request` for untrusted fork PRs |\n","Codebase Argus 是一个用于多代理代码库审查的工具，支持拉取请求（PR）审查、持续集成（CI）检查以及下游分支同步的风险分析。其核心功能包括通过多种AI模型或本地CLI工具对同一段代码进行审查，并将结果汇总以便维护者参考；能够处理失败的CI日志并提供可能的根本原因及修复路径；同时还能评估分支之间的同步风险。该项目采用TypeScript编写，利用了Next.js 16框架和Vitest测试工具等现代技术栈。适用于需要超出单一审查者能力但又不适合全自动合并机器人的情况，特别适合开源项目维护者使用以提高代码质量和安全性。",2,"2026-06-11 04:00:40","CREATED_QUERY"]