ClawHub

code

v1.0.0

Comprehensive code review assistant that analyzes code quality, identifies bugs, suggests improvements, and ensures adherence to best practices. Use when rev...

0· 138·0 current·0 all-time
byEvin Guo@guoshamin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the SKILL.md content: it explains code review steps, language-specific guidance, and a review template. It does not request unrelated capabilities (no cloud creds, no unrelated binaries).
Instruction Scope
Runtime instructions are narrowly focused on reviewing source code, security, performance, style, and tests. The SKILL.md does not instruct reading unrelated system files or exfiltrating data. Note: the skill metadata lists allowed-tools (Read, Grep, Glob, Bash) which are appropriate for scanning repositories, and the document does not direct those tools to access secrets or external endpoints.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only, so nothing will be downloaded or written to disk during installation.
Credentials
The skill declares no required environment variables, credentials, or config paths. This is proportionate for a code-review guidance tool.
Persistence & Privilege
The skill does not request always:true or any elevated persistence. It is user-invocable and allows normal autonomous invocation, which is the platform default and appropriate here.
Assessment
This skill is an instruction-only code-review helper and appears internally consistent. Before installing, confirm you trust the skill owner (source/homepage are unknown) and limit the agent's repository/file access to only the code you want reviewed (the skill's allowed-tools include Bash and Read which can inspect project files). If you plan to use it on private repos, ensure the agent does not also have access to unrelated secrets or system config. Finally, remember this provides review guidance — it does not replace running real static analyzers or tests; consider pairing its suggestions with automated linters and CI checks.

Like a lobster shell, security has layers — review code before you run it.

latestvk975dfez6n4nqby621qe8z7zwn830tht

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments