cross-review
Enables cross-review using Google's Gemini API, allowing Gemini to contribute to the review process.
Enables cross-review using OpenAI's API (ChatGPT Codex), allowing OpenAI models to participate in the review process.
Enables cross-review using Perplexity's API, allowing Perplexity to participate in the review process.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@cross-reviewcross-review my latest code changes for bugs"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
cross-review
MCP server orchestrating API-first cross-review between Claude, ChatGPT Codex, Gemini, DeepSeek, Grok, and Perplexity with unanimous convergence gates.
Install.
npm install -g @lcv-ideas-software/cross-review
# or using the GitHub Packages mirror:
npm install -g @lcv-ideas-software/cross-review --registry=https://npm.pkg.github.comStatus. Stable. Current release: v04.04.06 (npm package 4.4.6). See CHANGELOG.md for the full release history.
Project renamed 2026-05-15. This project was previously published as
@lcv-ideas-software/cross-review-v2(versions 0.x through 3.7.5). v4.0.0 is the first release under the shorter canonical name@lcv-ideas-software/cross-reviewafter the companioncross-review-v1project was discontinued and archived. Historical CHANGELOG entries below v4.0.0 reference the prior name verbatim.
The version history at a glance:
Release | Scope |
| Patch — close the remaining Claude re-validation tail: orchestrator attached-evidence reads now fail closed, session_doctor defaults to action-oriented findings, and T2#10 source-regex debt drops to a locked total of 160. |
| Patch — close the seven verified residual audit items: evidence fail-closed realpath handling, typed shadow-decision runtime events, derived release date, redaction-comment correction, retry/security gate verification, and a locked T2#10 smoke source-contract budget. |
| Patch — central config can now carry model-specific rate cards, so Claude Opus 4.8 and Claude Fable 5 pricing are both stored and the active Anthropic rates follow the configured Claude model automatically. |
| Patch — continue the T2#10 smoke-debt reduction by moving the lazy provider SDK import source contract into the dedicated source-contract smoke, preserving coverage while reducing broad smoke regex pins. |
| Patch — support Claude Fable 5 as an explicit Anthropic production-model option, including verified model selection, refusal handling, refusal events, docs and cost guidance. |
| Patch — complete residual audit sweep: full mutating-tool identity gate, evidence attachment cache/safety, async EventLog flush, Perplexity auth-only probe mode, cache-cost correctness, dashboard report method split, and dedicated source-contract smoke isolation. |
| Minor — consolidated audit close-out: log-level validation, realpath containment, initial-draft fabrication guard, Perplexity probe minimization, identity audit events, derived tool list, docs and metadata guards. |
| Patch — move |
| Patch — move |
| Patch — evidence preflight now blocks paid review when the submission references an external evidence/log artifact that was not attached to the session. |
| Patch — isolate |
| Patch — filter Perplexity streaming |
| Patch — harden cross-process event sequencing, exact-match fabrication checks, Gemini missing-text handling, and streaming provider error retry classification. |
| Patch — add forensic diagnostics for append/event and identity failures, flush pending events on shutdown signals, retry structured provider 5xx errors, and refresh official AI provider SDKs. |
| Patch — harden persistence redaction, finalized-session mutation guards, side-effect identity gates, caller-token rotation output, and Windows registry config fallback. |
| Patch — tighten skip-peer classification so non-retryable provider errors block, while Anthropic overload events remain retryable and better surfaced in skip diagnostics. |
| Minor — P1/P2/P3 follow-up with unresolved-evidence close-out visibility, an offline fixture eval harness, and a read-only peer reliability report. |
| Patch — harden session auditability with terminal events, cost split reporting, |
| Patch — harden truthfulness preflight auditability, add a read-only preflight retest tool, and reduce false parser warnings for attached/log evidence. |
| Patch — promote the Gemini canonical default to |
| Patch — provider-doc refresh, Perplexity probe repair, current model pins, and rate-card guidance. |
| Patch — publish the workspace hard-gate cleanup as a package release. |
| Minor — bounded MCP session listing and cancellation semantics cleanup. |
| Patch — release the hard-gate cleanup as a published package. |
| Minor — security hardening of session-store concurrency, write-path DoS surface, and credential redaction. |
| Patch — eliminate the recurring |
| Patch — bounded npm registry fetch in the post-publish verifier. |
| Patch — Windows-safe registry verifier. |
| Patch — hard-gate close-out for the Codex v4.0.4 audit. |
| Patch — restore prettier coverage of |
| Patch — biome/check gate wiring after the v4 rename. |
| Patch — Codex second-pass audit close-out (6 findings). |
| Patch — close-out of post-v4.0.0 audit (eight surfaces left stale by the rename bulk-replace). |
| Major — project renamed to |
| Patch — logs+sessions study 2026-05-15 close-out (4 surgical fixes from 244-session/429-round corpus). |
| Patch — "sem fallback é sem fallback" directive + Codex v3.7.2 parecer residuals. |
| Patch — Codex 3rd super-audit close-out of v3.7.1 |
| Patch — Codex super-audit close-out of v3.7.0 |
| Minor — Codex super-audit close-out 2026-05-14 |
| Minor — observability + caller-discipline close-out 2026-05-14 |
| Minor — Codex operational-report close-out 2026-05-14: 5 findings from sessions |
| Minor — Perplexity multi-failure-mode close-out 2026-05-13: 3 coordinated fixes covering 7 production sessions Codex flagged ( |
| Minor — Caller peer-selection lock (operator directive 2026-05-12: "TODOS OS AGENTES/PEERS SEMPRE PARTICIPAM, INDEPENDENTE DA ESCOLHA OU VONTADE DO CALLER"). |
| Patch — Codex bug-report close-out 2026-05-12: three surgical fixes (Perplexity |
| Minor — Central config file ( |
| Major — Perplexity joins the sexteto. Quinteto (5 peers) → sexteto (6). |
| Minor — Cold-start hardening Part 3: Windows registry env-var lookup bulk-cached (3-7 s → ~100 ms). |
| Patch — Cold-start hardening Part 2: lazy-load 5 provider SDKs + defer 6 startup sweeps to setTimeout(30s). |
| Minor — Cold-start hardening Part 1: corrupted meta.json auto-quarantine + finalized-session auto-prune. |
| Patch — |
| Minor — Full pricing-model schema: base + extended-tier + cache (read/write) + promo (limited-time discount), all env-configurable, graceful fallback when fields are absent or promo expires. |
| Patch — |
| Third deliberation mode |
| Evidence-provenance lock for the ship-mode relator (Codex bug report 2026-05-10). |
| Anthropic empty-revision degenerate path detection. |
|
|
| Cross-provider prompt caching across all 5 peers (OpenAI, Anthropic, Gemini, DeepSeek, Grok). |
| Site sponsor card iteration. |
| Patch — |
| Patch — Gemini API function-declaration compatibility for MCP tool inputSchemas. |
| Patch — anti-drift smoke drivers for v2.18.4 audit closure (operator directive 2026-05-07). |
| Patch — Codex external audit 2026-05-07 outcome: 6 surgical fixes (P1.1, P1.2, P1.3, P1.4, P2.1, P2.4). |
| Patch — Gemini default pin bump |
| Tier 5 — Windows process-tree introspection (coordinated with cross-review-v1 v1.12.2). |
| Hotfix: closes Dependabot security advisory GHSA-v2v4-37r5-5v8g (medium severity) — |
| F1 caller capability tokens (coordinated with cross-review-v1 v1.11.0). |
| HARD GATE — identity forgery rejection (operator directive 2026-05-05). |
| Tribunal protocol repair plus operational doctor. |
|
|
| Backlog bundle for operational judge controls. |
| Grok reasoning model hotfix. |
| Grok joins the tribunal. |
| Lead meta-review drift fix. |
| Shadow judge observability. |
| Relator lottery plus shadow auto-wire. |
| LLM evidence-judge pass. |
| Per-peer health and Evidence Broker lifecycle. |
| Evidence Broker. |
| Fallback/recovery budget hard gate. |
| Token-delta compaction plus v2.5 format hotfix bundle. |
| Evidence and budget hardening pass. |
| CI stub fail-fast hotfix. |
| Audit-closure hardening pass. |
| Prompt shielding and financial safety. |
| CI-green README/docs cleanup. |
| README organizational standardization. |
| Provider-neutral |
| Provider token streaming. |
| CodeQL and model-selection hardening. |
| First stable |
| Session event race hotfix. |
| Background sessions and durable reports. |
| Publishing and dashboard sanitization. |
| Public npm/package metadata alignment. |
| Development package line hardening. |
| Durable session recovery alpha. |
| Model attestation and store hardening alpha. |
| Initial API/SDK-only MCP server. |
What It Does
cross-review is the stable API-first implementation of the cross-review
pattern. It orchestrates provider API clients (OpenAI/Codex, Anthropic/Claude,
Google Gemini, DeepSeek, xAI/Grok, and Perplexity Sonar) and provides an
MCP-compatible server surface.
Runtime calls are real provider calls by default. Stubs exist only for smoke
tests and CI when CROSS_REVIEW_STUB=1.
OpenAI client library for the Codex/OpenAI peer.
Anthropic TypeScript client library for Claude.
Google Gen AI client library for Gemini.
OpenAI-compatible DeepSeek API through the OpenAI client library.
OpenAI-compatible xAI Grok API through the OpenAI client library.
OpenAI-compatible Perplexity Sonar API through the OpenAI client library.
Related MCP server: consult-mcp
Quick Start
# Set API keys (PowerShell example)
[Environment]::SetEnvironmentVariable("OPENAI_API_KEY", "<OPENAI_API_KEY>", "User")
[Environment]::SetEnvironmentVariable("ANTHROPIC_API_KEY", "<ANTHROPIC_API_KEY>", "User")
[Environment]::SetEnvironmentVariable("GEMINI_API_KEY", "<GEMINI_API_KEY>", "User")
[Environment]::SetEnvironmentVariable("DEEPSEEK_API_KEY", "<DEEPSEEK_API_KEY>", "User")
[Environment]::SetEnvironmentVariable("GROK_API_KEY", "<GROK_API_KEY>", "User")
[Environment]::SetEnvironmentVariable("PERPLEXITY_API_KEY", "<PERPLEXITY_API_KEY>", "User")Restart your terminal after changing environment variables.
Build and run locally:
npm install
npm --registry=https://registry.npmjs.org run build
node dist/src/mcp/server.jsFor local smoke tests (no-cost):
$env:CROSS_REVIEW_STUB = "1"
npm --registry=https://registry.npmjs.org testConfiguration
Model selection and runtime behaviour can be controlled with environment variables. Example overrides (PowerShell):
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_OPENAI_MODEL", "gpt-5.5", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_OPENAI_REASONING_EFFORT", "xhigh", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_ANTHROPIC_MODEL", "claude-opus-4-8", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_ANTHROPIC_REASONING_EFFORT", "xhigh", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_GROK_MODEL", "grok-4.20-multi-agent", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_GROK_REASONING_EFFORT", "xhigh", "User")Claude Fable 5 is supported as an explicit Anthropic model override:
CROSS_REVIEW_ANTHROPIC_MODEL=claude-fable-5. It is not the default pin; when
selected, the runtime validates that pin and expects provider_refusal
failures when the API returns stop_reason="refusal". Central config.json
files can store both Claude Opus 4.8 and Fable 5 rate cards under
model_cost_rates.claude; the runtime chooses the active Anthropic rate card
from the configured Claude model.
For Grok, GROK_API_KEY is canonical. The default pin is grok-4.3, which
accepts explicit reasoning.effort through high; the adapter clamps the
shared effort scale before sending it. grok-4-latest, grok-4.20, and
grok-4.20-reasoning use xAI automatic reasoning in this runtime.
grok-4.20-multi-agent remains available as an explicit override for the
multi-agent variant.
Financial and budget controls are required for paid provider calls. Configure these environment variables before running real sessions (example):
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_MAX_SESSION_COST_USD", "20", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_PREFLIGHT_MAX_ROUND_COST_USD", "20", "User")
[Environment]::SetEnvironmentVariable("CROSS_REVIEW_UNTIL_STOPPED_MAX_COST_USD", "20", "User")MCP Tools
server_inforuntime_capabilitiesprobe_peerssession_initsession_listsession_readask_peerssession_start_roundrun_until_unanimoussession_start_unanimoussession_cancel_jobsession_recover_interruptedsession_pollsession_eventssession_metricssession_doctorsession_reportsession_peer_reliability_reportsession_check_convergencesession_truthfulness_preflight_checksession_attach_evidencesession_evidence_checklist_updatesession_evidence_judge_passsession_evidence_judge_consensus_passsession_judgment_precision_reportcontest_verdictescalate_to_operatorregenerate_caller_tokenssession_sweepsession_finalize
session_doctor separates real and stub sessions, flags terminal outcomes that
lack terminal events, and reports peer-call cost separately from generation
artifact cost. Terminal max-rounds and terminal not_resurfaced history stay
in totals but are omitted from default operational findings; pass
include_terminal_findings=true to enumerate that historical inventory.
session_report uses the same cost split and calls out not_resurfaced
evidence checklist items as inference-only, not proof that the requested
evidence was satisfied. If a session otherwise reaches unanimity with open or
not_resurfaced checklist items, finalization records an
*_with_unresolved_evidence outcome reason and emits a durable unresolved
evidence event. session_peer_reliability_report is read-only and aggregates
per-peer parser warnings, evidence ask status, provider failures, cost and
latency.
Repository conventions
License: Apache-2.0. See NOTICE and THIRDPARTY.
Security disclosure: see SECURITY.md.
Code of conduct: see CODE_OF_CONDUCT.md.
Changelog: CHANGELOG.md.
Contributing: see CONTRIBUTING.md.
Sponsorship: see the repo's
Sponsorbutton or central sponsor page.Action pinning: all GitHub Actions are pinned by full SHA per supply-chain hardening baseline.
Code owners: .github/CODEOWNERS.
Links
License
Apache-2.0. See LICENSE, NOTICE, and THIRDPARTY.
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/LCV-Ideas-Software/cross-review'
If you have feedback or need assistance with the MCP directory API, please join our Discord server