LogicArt Code Review
AI-powered code analysis via LogicArt — find bugs, security issues, and get logic flow visualizations. Use when reviewing code, analyzing code quality, findi...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 294 · 0 current installs · 0 all-time installs
duplicate of @JPaulGrayson/quack-code-review
MIT-0
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description align with the implementation: the bundled script reads code (from --code or --file), determines language, and POSTs it to https://logic.art/api/agent/analyze for analysis. No unrelated env vars, binaries, or installs are requested.
Instruction Scope
SKILL.md and the script instruct running scripts/analyze.mjs with a --file path or --code. The script will read any file path provided and send its full contents to the remote API. That is appropriate for code review, but the instructions do not warn about sensitive files or secrets and do not filter/sanitize inputs — so a user or an autonomous agent could inadvertently exfiltrate private keys, credentials, or other secrets if asked to 'review' arbitrary paths.
Install Mechanism
No install spec; the skill is instruction-only with a small included Node script. No external downloads, package installs, or archive extraction are present.
Credentials
No environment variables, credentials, or config paths are requested. The script does not read environment secrets. Network access is required to reach the logic.art API, which is expected for a cloud-based analysis service.
Persistence & Privilege
always is false, no system-wide changes or skill-configuration modifications are made, and the skill does not request permanent presence or elevated privileges.
Assessment
This skill is internally consistent for a remote code-review tool: it reads code (or any file you point it at) and POSTs the file contents to https://logic.art/api/agent/analyze. Before using: (1) confirm you trust logic.art and understand its privacy policy; (2) do not ask the skill or an autonomous agent to review sensitive files (private keys, credentials, .env files, proprietary secrets); (3) consider sanitizing or removing secrets from files before sending; (4) prefer pasting only the specific code you want analyzed rather than passing repository root paths or system paths; and (5) review the included scripts/analyze.mjs (it is small and readable) to verify no unexpected endpoints or obfuscation are present. If you need stricter guarantees, run analysis only on local tools or services that you control, or require an API key/authorization you manage.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Code Review
AI code analysis powered by LogicArt at https://logic.art.
Analyze Code
node {baseDir}/scripts/analyze.mjs --code "function add(a,b) { return a - b; }"
Or analyze a file:
node {baseDir}/scripts/analyze.mjs --file path/to/code.js
API
Endpoint: POST https://logic.art/api/agent/analyze
curl -s -X POST "https://logic.art/api/agent/analyze" \
-H "Content-Type: application/json" \
-d '{"code": "your code here", "language": "javascript"}'
Response typically includes: bugs, security issues, complexity score, suggestions, and logic flow.
Full Repository Scans
For scanning entire repositories, use Validate Repo: https://validate-repo.replit.app
Presenting Results
When showing results to the user:
- Lead with critical bugs/security issues
- Show complexity score
- List suggestions by priority
- Include logic flow if provided
Works Great With
- workflow-engine — Chain code reviews into CI/CD pipelines
- quack-coordinator — Hire specialist reviewer agents
Powered by Quack Network 🦆
Files
2 totalSelect a file
Select a file to preview.
Comments
Loading comments…