Review
anode review inspects local changes with a read-only profile. It is for
finding concrete bugs, risky behavior changes, and missing tests before you
commit.
Commands
Section titled “Commands”anode reviewanode review "focus on error handling"anode review --base mainanode review --base main --checksanode review --base main --stream-jsonFlags:
| Flag | Use |
|---|---|
--base <ref> | Diff against a base git ref. |
--checks | Run project check files. |
--profile <name> | Review profile override. Defaults to review. |
--model provider/model | Model override for the review runs. |
--max-turns <n> | Turn limit for each review run. |
| `—approval ask | auto |
--stream-json | Emit newline-delimited run events. |
review keeps its read-only default profile unless you override --profile.
What Review Reads
Section titled “What Review Reads”Anode builds review context from:
git status --short- unstaged diff
- staged diff
--base <ref>diff when provided- diff stats
- changed file list
- untracked file names and bounded text previews
Tracked diff text is limited to 120,000 runes. Untracked previews include up to
10 files, each read up to 16 KiB. If there are no changed files, review prints
Nothing to review.
Project Checks
Section titled “Project Checks”Checks are Markdown files under .agents/checks/*.md. Anode also looks for
nearest scoped .agents/checks directories above changed files.
Example:
---name: securitydescription: Check for security regressionsseverity-default: highpaths: "**/*.go", "**/*.ts"tools: read, finder, web_search---
Look for command injection, path traversal, auth bypasses, secret exposure, andunsafe input handling. Avoid style comments.Supported frontmatter:
| Field | Use |
|---|---|
name | Check name. Defaults to file name without extension. |
description | One-line description. Defaults to first body line. |
severity-default or severity | Severity label passed into the check prompt and events. |
paths or path | Comma-separated or bracketed glob list. |
tools | Comma-separated or bracketed tool allowlist. |
Check names cannot contain / or \. Check files larger than 64 KiB are
truncated before parsing. Symlinked check files are rejected.
Check Execution
Section titled “Check Execution”Without --stream-json, Anode runs the general review and then each applicable
check in order.
With --stream-json, Anode emits a parent review run. The general review runs
first. Applicable checks then run with bounded concurrency of 4, and their
buffered event streams are replayed in deterministic order.
Each check receives:
- the review context
- the check body
- the optional focus text
- the requested tool allowlist, when set
- parent run linkage in JSON events
JSON Output
Section titled “JSON Output”--stream-json uses the same event schema as headless execution. Review adds a
parent run and child runs:
| Event | Use |
|---|---|
system.init | Parent review initialized. |
run.started | Parent review run started. |
child_run.started | General review or project check started. |
| child run events | Events from the general review or check run. |
child_run.result | Child run finished. |
result.final | Parent review finished. |
Read-Only Behavior
Section titled “Read-Only Behavior”The default review profile is read-only and exposes:
read, multi_read, finder, glob, grep, web_search, todo_read, code_reviewWhen a language server is configured, lsp and get_diagnostics can also be
available through the same read-only profile.
It does not expose file mutation tools.
Keep going: