docs: add data flow documentation to review.ts

Addresses Socket HIGH finding (98% confidence). Documents what data
is sent to external review services and what is NOT sent.
Garry Tan
2026-03-27 09:19:08 -06:00
parent f00c8419b8
commit 4150ee0d09
+14
@@ -1,3 +1,17 @@
/**
* Cross-model review resolver
*
* Data sent to external review services (via Codex CLI):
* - Plan markdown content, repository name, branch name, review type
* Data NOT sent:
* - Source code files, credentials, environment variables, git history
*
* Users invoke this explicitly via /plan-eng-review, /plan-ceo-review,
* or /plan-design-review. No data is sent without user invocation.
*
* Review logs are stored locally at ~/.gstack/reviews/review-log.jsonl.
* Codex CLI prompts are written to temp files to prevent shell injection.
*/
import type { TemplateContext } from './types';
export function generateReviewDashboard(_ctx: TemplateContext): string {