ClawHub

Code Reviewer

AdvisoryAudited by Static analysis on May 4, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI02: Tool Misuse and Exploitation
What this means

The agent may read your local code changes and, if you confirm, alter files in your working tree.

Why it was flagged

The skill permits local git inspection and optional local code modification, which is appropriate for code review but should remain user-directed.

Skill content
Git diff: "Review my uncommitted changes" → runs `git diff` ... The agent can: ... Apply changes directly (with confirmation)
Recommendation

Use it on intended repositories only, review any proposed patch before approval, and keep version control backups for easy rollback.