legal-sanity-review
Legal Sanity Review Workflow — mandatory pre-gate in the cross-review cycle
Best use case
legal-sanity-review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Legal Sanity Review Workflow — mandatory pre-gate in the cross-review cycle
Teams using legal-sanity-review should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/legal-sanity-review/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How legal-sanity-review Compares
| Feature / Agent | legal-sanity-review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Legal Sanity Review Workflow — mandatory pre-gate in the cross-review cycle
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Legal Sanity Review Workflow
> Version: 1.0.0
> Category: Workflows
> Triggers: Before cross-review (Codex/Gemini), PR creation, code porting
## Purpose
Ensures no client project names, proprietary tool references, or legally sensitive content reaches the cross-review stage or a pull request. This is a **mandatory pre-gate** — if the legal scan fails, the review cycle does not proceed.
## Review Flow
```
Codex/Gemini performs task
↓
Commit changes
↓
Legal Sanity Scan ◄── MANDATORY PRE-GATE
├── BLOCK → Fix violations → Re-scan
└── PASS → Proceed to Codex review
↓
Cross-Review Cycle
```
## Integration Points
### Cross-Review Pre-Gate
The legal scan runs **before** the first Codex/Gemini iteration:
| Step | Gate | Action |
|------|------|--------|
| 1 | Legal Scan | Run `legal-sanity-scan.sh --diff-only` |
| 2 | Pass? | If no → fix and re-scan |
| 3 | Codex Review | First cross-review iteration |
| 4 | Gemini Review | Parallel cross-review |
### PR Pre-Hook
Integrated into `pr-manager.md` hooks:
```bash
./scripts/legal/legal-sanity-scan.sh --diff-only || (echo "Legal sanity FAILED" && exit 1)
```
### Manual Invocation
```bash
# Full repo scan
./scripts/legal/legal-sanity-scan.sh --repo=worldenergydata
# All submodules
./scripts/legal/legal-sanity-scan.sh --all
```
## Exit Conditions
| Condition | Code | Action |
|-----------|------|--------|
| PASS | 0 | Proceed to cross-review |
| BLOCK | 1 | Fix violations, re-scan |
| SCAN_ERROR | 2 | Check script/config, retry |
## Violation Response
When the scan finds block-severity violations:
1. **Stop** — do not proceed to cross-review or PR creation
2. **Report** — list each violation with file:line and pattern
3. **Fix** — replace client references with generic equivalents
4. **Re-scan** — confirm all violations are resolved
5. **Continue** — proceed to the cross-review cycle
## Configuration
Deny lists control what patterns are scanned:
- **Global**: `.legal-deny-list.yaml` (workspace root)
- **Per-project**: `<submodule>/.legal-deny-list.yaml`
See `.Codex/rules/legal-compliance.md` for the full policy.
---
*Use this workflow whenever committing AI-generated or ported code to ensure legal compliance before review.*Related Skills
plan-review-prompt-refresh-after-plan-edits
Refresh reviewer prompt files from the latest on-disk plan before every adversarial re-review. Prevents Codex/Gemini from critiquing stale plan text after local edits.
tdd-verification-and-adversarial-review
Verify pre-written TDD tests pass, conduct adversarial code review on committed diffs, and route findings to existing issues
multi-role-agent-contract-review-pipeline
Execute a 4-role agent team (Planner/Architect/Reviewer/Integrator) pipeline for self-reviewing knowledge artifacts before delivery
gsd-adversarial-review-pattern
Catch hidden test failures by running adversarial review on sparse-data edge cases before final push
adversarial-code-review-tdd
Systematic adversarial review pattern to identify breaking assumptions in already-passing test suites
adversarial-code-review-for-committed-diffs
Systematic process for reviewing already-committed code changes to catch type inconsistencies, edge cases, and docstring gaps
adversarial-code-review-and-fix
Systematic pattern for catching design flaws in already-passing code through adversarial review, then fixing them with TDD confirmation.
learned-git-worktree-hook-path-and-real-hook-shape-review
Catch hook-installation and governance bugs that only appear in linked git worktrees or against the real generated hook shape, not simplified test fixtures.
ten-agent-pre-plan-review-wave
Launch and verify a 10-agent planning-only wave that moves open GitHub issues into status:plan-review using one isolated worktree per issue, wave-specific continuation cron, and post-run artifact-reconciliation checks.
static-site-build-artifact-plan-review
Plan-review pattern for static-site fixes where the deployed artifact is generated from source files (e.g. sitemap/robots/static assets). Prevents review churn by separating durable regression checks from one-time migration verification and by validating built output, not just source files.
preserved-plan-refile-with-attested-review-wave
Reopen a previously closed GitHub issue with a preserved local plan, rewrite it into a conservative draft, and drive iterative attested adversarial review waves until it is truly approval-ready.
planning-lane-cross-review-permission-fallback
Handle overnight planning-only lanes where plan revision/editing works but real cross-provider review dispatch is permission-blocked.