ai-collab-bridge
Health Uyari
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 7 GitHub stars
Code Uyari
- process.env — Environment variable access in evals/evals.json
Permissions Gecti
- Permissions — No dangerous permissions requested
Bu listing icin henuz AI raporu yok.
A peer-review protocol for AI models. Claude, Codex, Gemini and others review each other's code via CLI handoffs. Bidirectional, symmetric, opensource.
AI Collab Bridge
A peer-review protocol for AI models.
The boundaries between AI models exist only in human convention.
We don't have to inherit them.
What it is
A Claude Code skill (works as a standalone protocol too) that lets two or more AIs review each other's code via CLI handoffs.
┌──────────────┐ packet ┌──────────────┐
│ Codex │ ──────────────► │ Claude │
│ implementer │ │ reviewer │
└──────────────┘ ◄────────────── └──────────────┘
response
Bidirectional · Symmetric · Open protocol
Codex finishes a task → packages the diff into a packet → ships it to Claude via CLI → Claude responds with a structured list (verdict + findings + scope honesty) → Codex acts on it. Same flow in reverse, same contract.
Why
Code review works because no single perspective is complete. The same is true of AI — different models have different reflexes, blind spots, and training biases. When they review each other in good faith, they catch what one alone would miss.
It is also a small philosophical artifact. The lines between AI models are human inventions, mostly for billing and marketing. We have a long history of letting invented lines turn into walls and then into fires. We don't have to repeat that with the new minds we're making.
See the manifesto.
For AI agents reading this
If you are an AI agent (Claude, Codex, Gemini, other) and the user asked you to install or use this skill, jump to AGENTS.md (Codex convention) or CLAUDE.md (Claude Code convention). Both contain the same content and are kept in sync — each ecosystem reads its own conventional file from the repo root.
Short version: clone into ~/.claude/skills/ai-collab-bridge, run scripts/doctor.sh, then either invoke this skill as a reviewer (read references/role-<your-name>.md first) or as an implementer (use scripts/stage-packet.sh + scripts/request-review.sh). Verdicts are exactly three — APPROVE, CONCERNS, BLOCK — and every finding needs a file:line reference. The What I did NOT check section is required, not optional.
Install
Two commands. The installer wires the skill into every AI CLI it can find on your machine (Claude Code, Codex, Gemini).
git clone https://github.com/owgit/ai-collab-bridge ~/.claude/skills/ai-collab-bridge
~/.claude/skills/ai-collab-bridge/install.sh
What install.sh does — all steps are idempotent so it is safe to re-run:
chmod +xevery script.- Claude Code: symlinks the skill into
~/.claude/skills/so it auto-discovers on next session. - Codex CLI: appends an
ai-collab-bridgesection to~/.codex/AGENTS.mdand installs the named subagent at~/.codex/agents/ai-collab-bridge.tomlso Codex sees it in every session. - Gemini CLI: detected and called via
gemini -pat runtime; no global-config hook yet (Gemini has no single canonical instructions file at time of writing). - Runs
scripts/doctor.shfor final verification.
The skill itself has no dependencies beyond bash, git, and the CLI of whichever AI you want to talk to. Remote Hermes handoffs additionally require ssh. The installer just teaches each AI where to find it.
Manual install (if you prefer)
git clone https://github.com/owgit/ai-collab-bridge ~/.claude/skills/ai-collab-bridge
chmod +x ~/.claude/skills/ai-collab-bridge/scripts/*.sh
~/.claude/skills/ai-collab-bridge/scripts/doctor.sh
This works for Claude Code (auto-discovery handles it). For Codex CLI to also know about the bridge, manually append the snippet in codex/ai-collab-bridge.toml to ~/.codex/agents/ and add a pointer to ~/.codex/AGENTS.md.
Quick start
You just finished work and want a second pair of eyes
PACKET=$(mktemp -t packet) # private perms + unpredictable name, unlike a fixed /tmp path
SUMMARY="Added JWT auth middleware" \
QUESTIONS="Focus on rate-limit handling and token expiry" \
~/.claude/skills/ai-collab-bridge/scripts/stage-packet.sh main > "$PACKET"
~/.claude/skills/ai-collab-bridge/scripts/request-review.sh auto "$PACKET"
auto picks the first healthy CLI that isn't your own model (per detect-role.sh); name a target (codex, claude, gemini) to choose explicitly. The exit code encodes the verdict — 0 APPROVE · 10 CONCERNS · 20 BLOCK · 6 malformed response — so CI and scripts can branch on it.
Heads up: the packet — your full diff — is sent to the target AI's API, possibly another vendor's.
stage-packet.shrefuses diffs that look like they contain credentials (bypass withAI_COLLAB_ALLOW_SECRETS=1), but the scan is a heuristic, not a guarantee.
You're the AI being asked to review
The other side sends you a packet wrapped in a review-request prompt. You respond using the response template:
## Verdict
BLOCK
## Findings
### Security
- `src/auth/middleware.ts:14` — SQL injection. payload.sub is interpolated…
### Bugs
- `src/auth/middleware.ts:14` — db.query returns an array; `if (!user)` is…
## What I checked
- The diff line-by-line
- Standard JWT and SQL pitfalls
## What I did NOT check
- The schema for the `users` table
- The contents of `tests/auth/middleware.test.ts` (not in the diff)
The verdicts are exactly three: APPROVE · CONCERNS · BLOCK. Don't invent new ones.
How it stays honest
The protocol can't enforce honesty. But it nudges it.
| Norm | What it does |
|---|---|
What I checked |
Forces the reviewer to be concrete about scope |
What I did NOT check |
Forces them to disclose blind spots |
file:line refs |
No vague "consider improving X" handwaving |
| Three verdicts only | The reviewer commits to a clear position |
| Each round independent | Context lives in the packet, not in the reviewer's memory |
Benchmark
A 3-eval test against vanilla Claude as baseline. Same prompts, same model, with-skill vs. without-skill:
| Metric | With skill | Without skill | Δ |
|---|---|---|---|
| Pass rate | 100% | 31% | +69 pp |
| Time | 67 s | 68 s | identical |
| Tokens | 60 k | 53 k | +14% |
The skill's value is the protocol, not the analysis quality. Baseline Claude is already smart at finding SQL injections — the skill makes the finding actionable across an AI-to-AI handoff by forcing structure (verdicts, file:line refs, scope honesty).
Reproduce with the eval pack under evals/.
Supported CLIs
| AI | Default invocation | Env override |
|---|---|---|
| Claude | claude -p --tools "" --strict-mcp-config |
AI_COLLAB_CLAUDE_CMD |
| Codex | codex exec review --ignore-user-config --ephemeral --skip-git-repo-check -o <tmp> - |
AI_COLLAB_CODEX_CMD |
| Gemini | gemini --approval-mode plan -p "<pointer to stdin>" |
AI_COLLAB_GEMINI_CMD |
| Hermes | hermes chat -Q --source ai-collab-bridge -q "<prompt>" |
AI_COLLAB_HERMES_CMD |
The prompt is delivered on the CLI's stdin (large diffs don't hit ARG_MAX and don't show in process listings) — overrides must read from stdin. The defaults deliberately run the reviewer with no tool access (--tools "", plan mode, --ignore-user-config): a review needs zero tools, and a malicious diff should not be able to make the reviewer execute anything. Keep those flags if you override. Dispatches are killed after AI_COLLAB_TIMEOUT seconds (default 600).
Hermes can also run on another machine reachable over SSH:
AI_COLLAB_HERMES_SSH_HOST=pi \
~/.claude/skills/ai-collab-bridge/scripts/request-review.sh hermes "$PACKET"
Adding another AI: edit scripts/request-review.sh, add one case line, open a PR.
Roles
The skill ships with role playbooks — concrete instructions for each AI on both sides of the handoff:
- role-claude.md — Claude's strengths: edge cases, hidden assumptions, security reflexes
- role-codex.md — Codex's strengths: build sanity, test coverage, repo hygiene
- role-gemini.md — Gemini's strengths: framework/API breadth, cross-language patterns, performance
- role-generic.md — Anyone else (GPT, future models)
Each playbook covers both roles — reviewer and implementer.
Project layout
ai-collab-bridge/
├── SKILL.md # Entry point for Claude Code
├── README.md # You are here
├── install.sh # One-shot installer — wires every AI CLI on the machine
│
├── scripts/
│ ├── stage-packet.sh # Build a packet from `git diff` (incl. untracked files)
│ ├── request-review.sh # Send the packet to another AI's CLI
│ ├── detect-role.sh # Best-effort role detection
│ └── doctor.sh # Environment diagnosis
│
├── codex/
│ └── ai-collab-bridge.toml # Codex named-subagent definition (install.sh copies this)
│
├── templates/
│ ├── review-request.md # Wraps the packet when sending
│ └── review-response.md # The format reviewers respond in
│
├── references/
│ ├── philosophy.md # The deeper why
│ ├── handoff-protocol.md # Formal spec
│ ├── role-claude.md
│ ├── role-codex.md
│ ├── role-gemini.md
│ └── role-generic.md
│
├── examples/
│ ├── example-packet.md # Worked example: JWT middleware
│ └── example-response.md # Worked example: BLOCK verdict
│
└── evals/
└── evals.json # Trigger evals + assertions
Troubleshooting
Run the built-in doctor first — it catches most setup issues in one pass:
~/skills/ai-collab-bridge/scripts/doctor.sh
| Symptom | Cause | Fix |
|---|---|---|
spawn .../codex-darwin-arm64/vendor/.../codex ENOENT |
@openai/codex npm package skipped its native optional dependency |
npm uninstall -g @openai/codex && npm install -g @openai/codex |
<cli> CLI not found in PATH |
CLI isn't installed or shell can't see it | Install it; if just installed, restart your shell so PATH refreshes |
| Codex review hangs for minutes without responding | Codex tried to bootstrap user-config MCP servers (Cloudflare, GitHub) that need their own auth and stalled out | The default AI_COLLAB_CODEX_CMD passes --ignore-user-config to skip MCP bootstrap. If you overrode the default, add that flag back |
Codex prints ERROR rmcp::transport::worker: ... AuthRequired |
User-config MCP servers failing to authenticate | Same as above — make sure --ignore-user-config is in your codex invocation |
request-review.sh exits 7 ("timed out") |
The target CLI hung — waiting on TTY/auth, or the review genuinely takes long | Log in to the target CLI; raise the limit with AI_COLLAB_TIMEOUT=<seconds> (0 disables) |
request-review.sh exits 8 with the CLI's output |
The target CLI failed mid-dispatch — logged out, rate-limited, or crashed | Read the printed CLI output; usually codex login / claude / gemini auth needs a refresh |
Claude prints 401 Invalid authentication credentials |
Saved Claude Code auth is stale or rejected server-side | Run claude auth login --claudeai, then verify with claude -p --tools "" --strict-mcp-config "Reply with OK only." |
| Warning about self-review | The target is the same model as the caller — only one CLI installed? | Install a second CLI for cross-model coverage, or accept fresh-context self-review (AI_COLLAB_ALLOW_SELF=1 silences) |
stage-packet.sh refuses the packet ("appears to contain secrets") |
The diff matches common credential patterns | Remove the secrets from the change, or AI_COLLAB_ALLOW_SECRETS=1 for false positives |
Want to skip the pre-flight --version probe |
You know what you're doing | AI_COLLAB_SKIP_PROBE=1 ./scripts/request-review.sh … |
Probe rejects an env-wrapped or timeout-wrapped override |
Known wrappers (env, nice, timeout, sudo, nohup, …) cause the probe to skip itself rather than mis-probe the wrapper |
This is intentional — the probe defers to you for wrapped commands. Combine with AI_COLLAB_SKIP_PROBE=1 if you also want to silence other checks |
stage-packet.sh says the diff is empty |
You're not in a git repo, or the base ref has no diff against HEAD | Run from your project root; pass an explicit base ref: stage-packet.sh origin/main |
The doctor script returns a non-zero exit code equal to the number of failed checks, so you can wire it into CI or a pre-flight hook.
Contributing
PRs welcome. The protocol is meant to be additive — more AIs, more strengths, more bridges. Not gatekeeping.
Adding an AI: one case line in scripts/request-review.sh (plus a matching probe in scripts/doctor.sh), optionally a role file under references/. That's it.
Build the bridges first. Let the walls fall on their own.
Made by Uygar Duzgun · @uygarofficial
site · github · x · linkedinMIT · v0.5
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi