ClawHub

GI Code Review

Review code for quality, security, and maintainability following team standards. Use when reviewing pull requests, examining code changes, or when the user a...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 14 · 0 current installs · 0 all-time installs
by@laimiaohua
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: the SKILL.md gives a concrete checklist for reviewing Vue3, FastAPI, and Python code. It references project-specific conventions and libraries (e.g., AsyncSqlSessionTemplate, tkms.get_env, ApiException), which is coherent if this is intended for that team but means recommendations will be biased toward that codebase.
Instruction Scope
Instructions are limited to reviewing code quality, security, maintainability and present a clear checklist and feedback format. The skill does not direct the agent to read arbitrary system files, environment variables, or to transmit data to external endpoints.
Install Mechanism
No install spec and no code files (instruction-only), so nothing will be written to disk or downloaded by the skill itself — lowest-risk install posture.
Credentials
The skill requests no environment variables or credentials. It explicitly advises checking for hardcoded secrets (a sensible checklist item) but does not ask for any secret values itself.
Persistence & Privilege
always is false and there are no indications the skill attempts to modify agent/system settings. Autonomous invocation is allowed by default (normal) but not elevated here.
Assessment
This skill is an instruction-only code-review checklist tailored to Vue3/FastAPI/Python and appears safe and coherent. Know that its recommendations reference project-specific conventions (tkms, AsyncSqlSessionTemplate, get_env) and may not fit other codebases; avoid pasting secrets or credentials into the chat when asking for a review. If you want reviews for a different stack or generic guidance, request a more general checklist or edit the SKILL.md to remove project-specific assumptions. If you plan to let an agent run autonomously with this skill, be aware the agent could initiate reviews on code you provide — that is expected behavior but verify you’re comfortable with any code snippets you share.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97dh29w6ecgg6m7agrzt8yc618306yk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Code Review 代码审查

按照团队规范对代码进行质量、安全和可维护性审查。适用于 Vue3、FastAPI、Python 技术栈。

何时使用

  • 用户请求代码审查
  • 审查 Pull Request 或代码变更
  • 用户提到「帮我看看这段代码」「review 一下」「代码质量」

审查清单

1. 正确性与逻辑

  • 逻辑正确,处理边界情况
  • 无明显的空指针/未定义访问
  • 异步逻辑正确(async/await 配对)
  • 错误处理完整,有 try/except 或 .catch()

2. 安全

  • 无 SQL 注入(使用参数化查询)
  • 无 XSS(Vue 已转义,注意 v-html)
  • 敏感信息不硬编码(用 get_env 或配置)
  • 接口有权限校验(如需要)

3. 代码风格与可维护性

  • 符合项目约定(router/service/dao 分层)
  • 函数职责单一,长度适中
  • 命名清晰(变量、函数、路由)
  • 有必要的注释和日志

4. 性能

  • 无 N+1 查询(批量查询或 join)
  • 大列表考虑分页
  • 前端避免不必要的重复渲染

5. 测试

  • 关键逻辑有测试覆盖
  • 边界情况有测试

反馈格式

  • 🔴 必须修复:影响正确性、安全或严重性能问题
  • 🟡 建议改进:可读性、可维护性、最佳实践
  • 🟢 可选优化:锦上添花

项目规范参考

  • 后端:app/dao、app/service、app/router、app/model(entity/dto/vo)
  • 数据库:使用 AsyncSqlSessionTemplate(insert/update/query_one/query_list)
  • 报错:from tkms.exception.api import ApiException
  • 配置:from tkms import get_env
  • 前端:Vue3 + Ant Design,components/views/services 分层

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…