Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
pr-review
v2.0.1
Find and fix code issues before publishing a PR. Single-pass review with auto-fix. Use when reviewing code changes before submission or auditing existing cod...
⭐ 0 · 1.2k · 4 current · 4 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
The skill is named pr-review and its instructions implement a 'pre-review' workflow: running git diffs, reading project config (eslint, tsconfig, CLAUDE.md), analyzing files, and applying fixes. Requiring the git binary and reading repository files is proportionate to the stated purpose. Minor naming inconsistency: the docs and commands mostly refer to 'pre-review' while the skill name is 'pr-review', but this is likely cosmetic.
Instruction Scope
The SKILL.md explicitly instructs the agent to read repository files, run git diff/blame, analyze code, and perform in-place auto-fixes above configured confidence thresholds (>=70 for diff mode, >=80 for audit). Reading project configuration files (CLAUDE.md, .eslintrc*, package.json) is expected for guideline-aware review. The notable operational risk is that the skill will edit repository files automatically — users should expect and review changes (git diff) after running. There are no instructions to read system-wide files or environment secrets outside the repository.
Install Mechanism
This is an instruction-only skill with no install spec or code files that execute arbitrary downloads. That minimizes install-time risk; nothing is fetched from external URLs or written to disk by an installer.
Credentials
The skill declares no required environment variables, credentials, or config paths outside the repo. The files it reads (repo config and project files) are appropriate for a code-review tool. There are no requests for unrelated cloud or service credentials.
Persistence & Privilege
always:false (normal). The skill is allowed to run autonomously by default (platform default) and its instructions include making edits to repository files. Autonomous invocation combined with auto-edit behavior increases the practical blast radius: consider requiring explicit confirmation before allowing edits or running the skill on a disposable branch. The skill does not request persistent system-wide privileges or modify other skills.
Assessment
This skill is coherent for its stated purpose: it will read your repository (git diff, config files, source files) and apply automatic fixes above configured confidence thresholds. Things to consider before running:
- Back up or commit your branch first (run on a feature branch) so you can review or revert changes.
- Review the diffs after the run (git diff --stat and full diff) and run your tests before pushing.
- Note the auto-fix behavior: Diff mode auto-fixes issues scoring >=70 and Audit mode >=80 — adjust your expectations accordingly.
- If you don't want the agent to edit files without explicit approval, require confirmation or run the tool in a dry-run/report-only mode.
- The skill is instruction-only (no external installers), reads only repo files, and requests no cloud credentials — there are no obvious indicators of secret exfiltration or out-of-scope access.
- Minor naming inconsistency: documentation refers to 'pre-review' commands while the skill is named 'pr-review' — confirm command names when installing/invoking.
If you want extra assurance, run it on a non-production copy of the repo first and inspect the changes before trusting it on critical branches.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97czqcgkcc0k8606bzavczkqn823wft
Runtime requirements
Bins: git
