Java Code Reviewer
v1.0.0Java 代码审查报告生成器。用于审查 Java 代码变更,生成结构化审查报告。 触发场景: (1) 审查 git diff 或代码变更 (2) 审查 Java 源文件 (3) 代码质量检查 (4) PR/CR 审查 (5) 检查代码是否符合 Google Java Style、阿里 Java 开发手册、Clea...
⭐ 1· 543·3 current·3 all-time
by@wxweven
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, and included files (rules and report templates) align with a Java code-reviewer. There are no required binaries, environment variables, or config paths that would be unnecessary for a code-review instruction-only skill.
Instruction Scope
SKILL.md confines work to user-provided inputs (git diff or Java sources), the shipped rules (references/rules.md), and templates. One notable requirement: every issue must include 'complete, runnable' before-and-after code snippets — this is a behavioral constraint (may encourage the agent to generate full code examples) but not a hidden data-access instruction. The skill does not instruct the agent to read system files, environment variables, or call external endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code execution written to disk. This is the lowest-risk install model.
Credentials
No required environment variables, credentials, or config paths are declared. The skill does not request unrelated secrets or cloud credentials.
Persistence & Privilege
always:false and no install behavior. The skill does not request elevated persistence or modify other skill/system settings.
Assessment
This skill appears coherent for generating Java review reports and uses only local templates and rule documents. Before installing or running it: (1) do not feed it secrets — any secrets present in supplied diffs/sources will be included in the generated report; (2) validate and test any "修复后代码" the tool outputs — the requirement for "complete, runnable" patches may cause the model to fabricate code that compiles but is functionally incorrect or omits context (build config, imports, dependencies); (3) review the rule set and templates to ensure they match your coding standards; (4) because the skill can be invoked by the agent, restrict automated invocation in high-security contexts if you do not want unattended reports. Overall the skill is internally consistent, but always review generated fixes before merging them.Like a lobster shell, security has layers — review code before you run it.
latestvk9748hfn17fee6qs7ybt72f02583dg33
License
MIT-0
Free to use, modify, and redistribute. No attribution required.