Code Review Engine

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may read local code or diffs that could contain proprietary code or secrets.

Why it was flagged

The skill is expected to inspect local repository state or files to perform code review. This is purpose-aligned, and no destructive or write commands are shown.

Skill content

Review the staged changes in this repo

Recommendation

Use it only on repositories, files, and diffs you intend the agent to review, and avoid including unrelated sensitive files.

What this means

If used with an authenticated GitHub account, the agent may access PRs or repository data available to that account.

Why it was flagged

Using the GitHub CLI may rely on the user's existing GitHub authentication and repository permissions. That is expected for PR review, but it can expose private repository content to the reviewing agent.

Skill content

**GitHub & local git integration** — works with `gh` CLI or raw diffs

Recommendation

Confirm the active GitHub account and repository before use, and prefer least-privilege access for automated review workflows.

What this means

If scheduled, the skill could repeatedly review new PRs without a separate prompt for each PR.

Why it was flagged

The README describes possible scheduled, recurring operation. No persistence mechanism or automatic installation is shown, and SKILL.md indicates auto_trigger is false, so this appears to require user configuration.

Skill content

**Heartbeat/cron ready** — auto-review new PRs on a schedule

Recommendation

Only enable scheduling with explicit repo scope, clear frequency, and review/notification controls.

What this means

It is harder to verify the publisher's source history or compare future updates.

Why it was flagged

The registry metadata does not provide a source repository or homepage for independent provenance review. The skill is instruction-only, which limits install-time supply-chain risk.

Skill content

Source: unknown; Homepage: none

Recommendation

Install only if you trust the registry publisher, and re-check the skill instructions after updates.