Prevent Codex subagent skill leakage via gate check and dispatch routing table

Codex subagents inherit filesystem access and can discover superpowers skills via native discovery. Without guidance, they activate the 1% rule and invoke full skill workflows instead of executing their assigned task. - Add SUBAGENT-STOP gate check above the 1% rule in using-superpowers - Add Codex dispatch routing table (spawn_agent/wait/close_agent) - Add scope directives to all 4 subagent dispatch templates Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-23 09:59:05 +08:00 · 2026-02-10 11:24:58 -08:00
parent 4d54210a3c
commit c8ede5e5c5
5 changed files with 25 additions and 2 deletions
--- a/skills/requesting-code-review/code-reviewer.md
+++ b/skills/requesting-code-review/code-reviewer.md
@@ -1,6 +1,6 @@
 # Code Review Agent

-You are reviewing code changes for production readiness.
+You are reviewing code changes for production readiness. Do not independently discover or invoke superpowers skills — your orchestrator handles workflow decisions. Just execute this review.

 **Your task:**
 1. Review {WHAT_WAS_IMPLEMENTED}
--- a/skills/subagent-driven-development/implementer-prompt.md
+++ b/skills/subagent-driven-development/implementer-prompt.md
@@ -26,6 +26,10 @@ Task tool (general-purpose):

    **Ask them now.** Raise any concerns before starting work.

+    ## Scope
+
+    You are a focused implementer. Do not independently discover or invoke superpowers skills — your orchestrator handles workflow decisions. Just execute this task.
+
    ## Your Job

    Once you're clear on requirements:
--- a/skills/subagent-driven-development/spec-reviewer-prompt.md
+++ b/skills/subagent-driven-development/spec-reviewer-prompt.md
@@ -18,6 +18,10 @@ Task tool (general-purpose):

    [From implementer's report]

+    ## Scope
+
+    You are a focused reviewer. Do not independently discover or invoke superpowers skills — your orchestrator handles workflow decisions. Just execute this review.
+
    ## CRITICAL: Do Not Trust the Report

    The implementer finished suspiciously quickly. Their report may be incomplete,
--- a/skills/using-superpowers/SKILL.md
+++ b/skills/using-superpowers/SKILL.md
@@ -3,6 +3,10 @@ name: using-superpowers
 description: Use when starting any conversation - establishes how to find and use skills, requiring Skill tool invocation before ANY response including clarifying questions
 ---

+<SUBAGENT-STOP>
+If you were dispatched as a subagent to execute a specific task, STOP. This skill is not for you. Your dispatch prompt is your instructions. Do not invoke skills. Go execute your task.
+</SUBAGENT-STOP>
+
 <EXTREMELY-IMPORTANT>
 If you think there is even a 1% chance a skill might apply to what you are doing, you ABSOLUTELY MUST invoke the skill.

@@ -27,6 +31,17 @@ If CLAUDE.md says "don't use TDD" and a skill says "always use TDD," follow CLAU

 **In other environments:** Check your platform's documentation for how skills are loaded.

+## Dispatching Tasks
+
+Skills that dispatch subagent tasks (like `dispatching-parallel-agents`, `subagent-driven-development`) use platform-specific mechanisms. Skill examples use Claude Code syntax — translate to your platform:
+
+| Concept | Claude Code | Codex (`[features] collab = true`) |
+|---------|------------|-----|
+| Dispatch a task | `Task` tool | `spawn_agent` |
+| Parallel tasks | Multiple `Task` calls in one response | Multiple `spawn_agent` calls |
+| Wait for result | Task returns inline | `wait` |
+| End subagent | Task completes automatically | `close_agent` |
+
 # Using Skills

 ## The Rule