Review Pr
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for Gitee PR review, but it tells the agent to publish a PR comment by default without an explicit user confirmation step.
Before installing, make sure you want this skill to interact with Gitee PRs through your configured MCP account. Ask it to draft the review first and only post after you approve the exact comment, repository, and PR number.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could post an AI-generated review to a Gitee PR under the configured account, which may be visible to collaborators or the public and could affect a development workflow.
This instructs the agent to publish a remote PR comment as the default workflow, but the artifact does not require an explicit user confirmation or preview before posting.
### Step 6: Post Review Comment Use `comment_pull` to post the review to the PR.
Change the workflow to draft the review in chat first, verify the exact repository and PR number, and only call `comment_pull` after the user explicitly approves posting.
PR reads and comments will use the permissions and identity configured in the Gitee MCP server.
The skill relies on a configured Gitee MCP server, which likely acts with the user's or workspace's Gitee permissions.
requires:
mcp-servers:
- giteeUse a least-privileged Gitee token or account and confirm which identity the MCP server uses before allowing the skill to post comments.
If a local `mcporter` binary is used, MCP calls depend on that local tool's behavior and provenance.
The skill prefers an optional local CLI helper that is not provided or version-pinned in the artifact set.
If you have `mcporter` installed locally, you should use `mcporter` to invoke the MCP tool instead of directly calling the MCP tool.
Only use a trusted, known installation of `mcporter`, or use the configured Gitee MCP tools directly.