v1.0.0

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:54 AM.

Analysis

The skill is a coherent PR-review helper, but it also tells the agent to edit code automatically, depend on missing checklist files, and log results without a clear destination.

Guidance: Install only if you are comfortable with the agent reading your current repository and GitHub PR metadata, and do not run it on important branches unless you are prepared for it to edit files. Prefer a version that packages its checklist files and requires explicit approval before applying any fixes or logging results.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
### 5b: Auto-fix all AUTO-FIX items
Apply each fix directly.

This directs the agent to change repository files during a review workflow without first requiring user approval for those AUTO-FIX items.

User impact: A user asking for a PR review could get code changes applied to their branch before they explicitly approve them.
Recommendation: Make all code edits opt-in: present a patch or list of proposed fixes first, require confirmation, and document how users can revert changes.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Read `.claude/skills/review/checklist.md`. If cannot be read, STOP and report error.

The provided manifest contains only SKILL.md, yet the review process depends on an unprovided checklist that controls core review logic and AUTO-FIX classification.

User impact: The installed skill may fail, or it may follow a local checklist that was not reviewed with the skill and could change what the agent edits or recommends.
Recommendation: Package the referenced checklist files with the skill, pin their contents, and make any external or user-provided checklist behavior explicit.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
`gh pr view --json baseRefName -q .baseRefName`

The skill uses GitHub CLI commands that may rely on the user's local GitHub authentication, while the metadata declares no primary credential.

User impact: The skill may read PR and repository metadata through the user's existing GitHub CLI account context.
Recommendation: Disclose the git and gh dependencies, note that local GitHub CLI authentication may be used, and keep access limited to the current repository.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Log result for Review Readiness Dashboard.

The instruction calls for logging review results but does not define the destination, contents, retention, or whether the user approves that persistence.

User impact: Review findings or code-related details could be stored somewhere the user did not expect.
Recommendation: Specify the dashboard storage location, exact data logged, retention policy, and require user opt-in before writing persistent review results.