ClawHub

Review Verification Protocol

v1.0.0

Mandatory verification steps for all code reviews to reduce false positives. Load this skill before reporting ANY code review findings.

0· 123·0 current·0 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and the SKILL.md all describe a code-review verification checklist; there are no unrelated env vars, binaries, or installs requested that would be unexpected for this purpose.
Instruction Scope
Instructions correctly ask the agent to read full code, search for usages (grep/find), and check build/test/compile contexts — all within scope of a review checklist. Note: the protocol assumes the agent has access to the repository and tooling to perform searches and to consult docs/crate versions; that access is required but not declared (no env/credentials needed).
Install Mechanism
No install spec and no code files — instruction-only, so nothing is written to disk or downloaded.
Credentials
The skill requests no environment variables, credentials, or config paths. Its recommended actions (search, inspect code, check docs) do not require secrets or unrelated credentials.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system-wide settings.
Assessment
This skill is an instruction-only checklist for reducing false positives in code reviews (Rust-focused). It does not request credentials or install anything, so it is internally coherent. Before enabling: confirm your agent will have read access to the repository and any local tooling (grep/find, build/test) the checklist assumes; be aware the checklist is prescriptive—if followed rigidly it may suppress borderline findings, so keep human judgment. If you need broader language support (non-Rust projects) or network access to check external docs/crate versions, verify the agent has those capabilities and that you trust the skill owner.

Like a lobster shell, security has layers — review code before you run it.

latestvk979r2ssq6herwmtk9s6zeern583ppyz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments