Propel
Codex-Lead
Complementary ephemeral flag for /c-codex. Flips the next exchange from Claude-synthesizes (default) to Codex-primary, Claude-as-adversarial-checker. Single-use per invocation — must be re-armed each time.
Codex-Lead is ephemeral by design. It arms exactly one /c-codex exchange and then reverts. A persistent mode would let you forget you were in lead mode and trust unverified Codex output. Re-arming each time keeps the default honest.
Why This Exists
The default /c-codex contract keeps Claude in charge of synthesis: Claude frames the question, Codex critiques, Claude produces the comparison card. That is correct when Claude has strong repo context and Codex is being brought in for a divergent perspective.
But Codex is genuinely stronger on some tasks — particularly code review in languages or patterns where its training dominates. In those cases, the synthesis step can dilute Codex's findings. Codex-Lead flips the contract for one exchange so Codex drives the substance.
Scope
Codex-Lead only makes sense inside a /c-codex exchange. If the user invokes it without an active or pending /c-codex call, the skill refuses and redirects:
/codex-lead is a flag for /c-codex. It has no effect on its own.
Either invoke /c-codex with the codex-lead flag set, or drop the flag.The skill cannot be used to hand control to Codex on any workflow that is not routed through /c-codex.
When It Triggers
| Trigger | Details |
|---|---|
| Manual | "/codex-lead", "let codex drive", "codex-primary", "codex leads this review" |
| Combined | "/codex-lead /c-codex review this diff", "let codex lead, then /c-codex" |
The Flipped Contract
- Claude provides a minimal brief — diff, plan, files in scope. Facts only, no opinions, so Codex isn't anchored by Claude's reading.
- Codex produces the primary output. Full review or plan critique; Codex drives the substance.
- Claude verifies every concrete claim against the repo. This is the load-bearing step. Codex can hallucinate file paths, line numbers, and function names — Claude is the ground-truth filter.
- Claude adds adversarial findings. Things Codex missed, false positives Codex raised, anywhere Codex's claim contradicts the actual code.
- Claude presents the merged output with clear attribution — the user must always see who said what.
Output Format
┌─ /c-codex (codex-lead) — <planning | code-review> ─────────────┐
│ Codex's primary findings (verified): │
│ ✓ <point> [verified against file:line] │
│ ✓ <point> [verified against file:line] │
│ │
│ Codex raised, Claude could not verify / disputes: │
│ ✗ <point> — Codex cited <X>. Actual: <Y>. │
│ │
│ Claude adds (missed by Codex): │
│ + <point> at file:line │
│ │
│ Recommended action: │
│ <1–2 lines> │
└────────────────────────────────────────────────────────┘When It's Appropriate — and When It Isn't
| Good Fit | Poor Fit |
|---|---|
| Code review on a self-contained diff | Planning that depends on repo history, team conventions, or prior decisions |
| Style / idiom review in a language Codex is strong in | Reviews where diffs reference symbols defined far from the changed lines |
| When Claude notices itself anchoring (e.g., it authored the change) | Anything touching production infra or irreversible state |
Guardrails
| Guardrail | Why |
|---|---|
| Verification is not optional | Every Codex file:line claim is checked against the actual file. Unverifiable claims go in the "could not verify" section, not the "verified" section. |
| Attribution is not optional | The output must separate Codex's findings from Claude's additions — no blended voice. |
| One exchange only | The flag does not persist across /clear, across sessions, or across multiple /c-codex calls. |
| Claude still owns safety | Codex leads the substance; Claude still owns destructive-write approval, secret redaction, and the refusal to silently rewrite code. |