ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Modified Code Review

Reviews user-modified code (diffs/PRs), provides best-practice recommendations, analyzes cost-effectiveness of the approach, and outputs a code score. Use wh...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 284 · 0 current installs · 0 all-time installs
bywangzhiming@wangzhiming1999
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: the skill reviews user-provided diffs/PRs and recommends changes. It does not request unrelated credentials, binaries, or external services.
Instruction Scope
SKILL.md instructs the agent to inspect git status/git diff and opened/selected files and to consult project conventions (ESLint, CLAUDE.md). That is appropriate for code review, but it does mean the agent will read repository files and diffs — ensure no sensitive secrets are left in the repo or diffs you provide.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk and no external packages are fetched.
Credentials
The skill declares no required environment variables, credentials, or config paths. The instructions reference only repository files and diffs, which is proportionate to a code-review task.
Persistence & Privilege
always:false (default) and no requests to modify other skills or system settings. The skill can be invoked autonomously by the agent (platform default), which is expected for skills of this type.
Assessment
This skill appears internally consistent for reviewing code diffs/PRs. Before installing: (1) review the SKILL.md to confirm its behavior; (2) avoid providing diffs or repositories that contain production secrets or credentials, since the skill will read repo files; (3) test the skill on a non-sensitive sample repo first; (4) if you have concerns about autonomous invocation, restrict when the agent may call skills or only invoke this skill manually.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk973fchkhqjacnfqqx7ng7nkxh829zp1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

修改代码评审(Modified Code Review)

对用户修改的代码进行评审,给出最佳实践建议、修改方案性价比分析,并输出代码评分。

触发场景

  • 用户要求「review 我修改的代码」「审查修改」「代码评审」
  • 用户需要「最佳实践方案」「修改方案性价比」「代码评分」
  • 用户提供 git diff、PR 或指定文件/改动范围

执行流程

1. 获取改动范围

  • 若用户未指定:先看 git status / git diff 或当前打开/选中的文件
  • 明确本次评审的文件与改动内容(新增、修改、删除)

2. 评审维度

按以下维度分析修改,并给出结论与建议:

维度关注点
正确性逻辑是否正确、边界与异常是否考虑、是否有明显 bug
可读性命名、结构、注释是否清晰,是否符合项目风格
可维护性是否易扩展、是否过度耦合、重复代码
性能是否有不必要的计算、内存/请求是否合理
安全输入校验、敏感数据、XSS/注入等
测试关键路径是否有测试、用例是否合理

3. 最佳实践建议

  • 每条建议标明:必须改 / 建议改 / 可选优化
  • 若与项目约定(如 CLAUDE.md、ESLint、现有模式)冲突,以项目约定为准并说明
  • 建议附带简短理由和(如适用)示例代码片段

4. 修改方案性价比

对主要修改方案做「性价比」评估:

  • 收益:可维护性、性能、可读性、风险降低等
  • 成本:改动量、影响范围、回归风险、时间预估
  • 结论:高性价比(建议优先)/ 中性价比(可选)/ 低性价比(暂不推荐),并简述原因

5. 代码评分

采用百分制,并给出等级与一句话总结:

分数区间等级含义
90–100A 优秀可直接合并,仅有个别小建议
75–89B 良好整体达标,有若干改进点
60–74C 合格能用但建议按优先级修复/优化
40–59D 需改进存在明显问题,建议修改后再合
0–39E 不达标存在严重问题,需重构或重做

评分需结合:正确性权重最高,其次可维护性/可读性,再考虑性能与安全。

输出模板

按以下结构组织回复(可用中文):

## 修改代码评审报告

### 一、改动概览
- 涉及文件与变更类型
- 主要改动摘要(1–3 句)

### 二、评审结论(按维度)
- 正确性:…
- 可读性:…
- 可维护性:…
- 性能:…
- 安全:…
- 测试:…

### 三、最佳实践建议
- [必须改] …
- [建议改] …
- [可选优化] …

### 四、修改方案性价比
- 方案/建议 1:收益 vs 成本 → 性价比结论
- (其他主要方案按需)

### 五、代码评分
- **分数**:XX / 100(等级:X)
- **一句话总结**:…

注意事项

  • 评审基于用户提供的 diff/文件/上下文,不臆测未展示的代码
  • 与项目技术栈、既有风格一致(如 Next.js、TypeScript、Zustand、Tailwind 等)
  • 性价比与评分需简要说明依据,便于用户决策

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…