v1.0.1

OpenClaw Code Review Assistant

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:52 AM.

Analysis

The skill advertises real code review and security scanning, but the included script mostly prints canned example findings unrelated to the user's code.

Guidance: Review this skill carefully before installing. It does not show evidence of destructive or exfiltrating behavior, but it appears to be a stub that can give fake-looking code review results. Do not rely on it for security decisions or provide a GitHub token unless the implementation and token scopes are clearly documented.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
Artifact: code-review-assistant.sh
Evidence: echo "📁 Reviewing: $TARGET" ... cat << 'REPORT' ... "File: example.js" ... "✅ Review complete!"

The review branch accepts a user target but then emits a hard-coded report about example.js; no artifact code reads or analyzes the target, contradicting the advertised review/security-scanning purpose.

User impact: A user could believe their actual code was reviewed and miss real bugs or vulnerabilities.
Recommendation: Treat this as a demo/stub unless real analysis is added; do not rely on its reports for merge or security decisions.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
Artifact: _meta.json
Evidence: "ownerId": "kn754w8negkve53dntzhycyd0h82565k", "slug": "code-review-assistant", "version": "1.0.0"

The bundled metadata differs from the supplied registry listing, which names a different owner ID, slug, and version; this creates package provenance/version ambiguity.

User impact: It is harder to confirm that the reviewed files correspond exactly to the registry entry being installed.
Recommendation: Align bundled metadata with the registry listing and verify the publisher/source before installing.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: Medium | Status: Note
Artifact: code-review-assistant.sh
Evidence: echo "⚠️ GitHub integration not configured"; echo "   Set GITHUB_TOKEN to enable PR reviews"

The script asks for a GitHub token for PR reviews, while the provided metadata declares no required environment variables or primary credential; the code shown does not actually use the token, so the purpose and scope of the requested credential are undocumented.

User impact: If a user later provides a broad GitHub token, it could grant repository authority beyond what is currently documented.
Recommendation: Do not provide a GitHub token unless the skill documents the required scopes and implements a clear, reviewable PR workflow.