claude-review

Security checks across static analysis, malware telemetry, and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.

Before using this skill, make sure Claude CLI is installed from the official source and configured with an account you intend to use. When asking for a review, keep the context path narrow and avoid folders containing credentials, private documents, or unrelated secrets. Review or clear ~/.openclaw/workspace/LESSONS.md if you do not want past review failures reused across future tasks. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

When invoked, the agent may spend extra cycles fixing and re-reviewing before giving a final answer.

Why it was flagged

The skill changes the agent's stopping condition during a requested review, but it is bounded to three failed cycles and matches the quality-gate purpose.

Skill content

Only finish after the verdict is **PASS** ... After 3 failed cycles, finish but attach the full review report

Recommendation

Use the trigger only when you want this review loop, and ask the agent to stop or summarize if you do not want further edits.

What this means

Files in the selected context folder may be read by a separate Claude process without interactive permission prompts.

Why it was flagged

The command suppresses Claude CLI permission prompts while limiting the reviewer to read/search tools; this is purpose-aligned for review but can read everything under the selected context path.

Skill content

Read ALL files at the given path ... claude --print ... --dangerously-skip-permissions ... --tools "Read,Glob,Grep" ... --no-session-persistence

Recommendation

Point the review only at intended output files or narrowly scoped folders, and avoid including secrets such as .env files, credentials, or unrelated private documents.

What this means

Reviews will use the configured Claude account and may consume API quota or credits.

Why it was flagged

The skill depends on the user's existing Claude CLI credentials, which is expected for this integration; the artifacts do not show hardcoded keys, credential logging, or unrelated credential use.

Skill content

Valid API key configured for Claude CLI

Recommendation

Use an appropriate Claude CLI profile, monitor usage, and avoid running reviews from an account with unnecessary privileges.

What this means

A user may need to install and trust an external npm package before the skill works.

Why it was flagged

The skill requires an external globally installed CLI, while the registry metadata lists no required binaries or install spec; this is an under-declared but purpose-aligned dependency.

Skill content

`claude` CLI must be installed and available in PATH (`npm install -g @anthropic-ai/claude-code`)

Recommendation

Install Claude CLI only from the official source, keep it updated, and verify the installed binary before using the skill.

What this means

Review failures, task names, paths, and issue summaries may remain in LESSONS.md and be reused in later reviews.

Why it was flagged

The skill intentionally creates persistent review memory that can influence future reviews; this is disclosed and relevant, but users should be aware it persists task details.

Skill content

Failed reviews are auto-logged to `LESSONS.md` ... This file is also auto-read on every review

Recommendation

Periodically inspect or clear LESSONS.md, and set LESSONS_FILE to a project-specific location if you do not want lessons shared across tasks.