Pilot Code Review Pipeline Setup

v1.0.0

Deploy an automated code review pipeline with 3 agents. Use this skill when: 1. User wants to set up an automated code review or PR analysis pipeline 2. User...

⭐ 0· 80·0 current·0 all-time

byCalin Teodor@teoslayer

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for teoslayer/pilot-code-review-pipeline-setup.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Pilot Code Review Pipeline Setup" (teoslayer/pilot-code-review-pipeline-setup) from ClawHub.
Skill page: https://clawhub.ai/teoslayer/pilot-code-review-pipeline-setup
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: pilotctl, clawhub
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pilot-code-review-pipeline-setup

ClawHub CLI

Package manager switcher

npx clawhub@latest install pilot-code-review-pipeline-setup

Security Scan

Capability signals

Crypto

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description require pilotctl and clawhub; the instructions use those binaries to install pilot-* skills, set hostnames, create manifests, and establish handshakes — all consistent with setting up a Pilot protocol pipeline.

✓

Instruction Scope

Runtime instructions are limited to installing skills via clawhub, running pilotctl commands, and writing a JSON manifest to ~/.pilot/setups. The instructions do not direct reading of unrelated system files, exporting environment variables, or contacting unexpected external endpoints beyond the protocol's expected bridges.

✓

Install Mechanism

This is instruction-only (no install spec). That is the lowest-risk pattern: nothing is downloaded or written by the skill itself beyond the manifest the user is told to create.

ℹ

Credentials

The skill itself does not request any environment variables or credentials (none declared). However, it instructs installing bridge components (e.g., pilot-github-bridge, pilot-slack-bridge) which in practice will likely require service tokens (GitHub, Slack) not mentioned here — users should expect to supply those to the respective bridge skills.

✓

Persistence & Privilege

always is false and there is no attempt to modify other skills' configs beyond installing them and creating a local manifest in ~/.pilot/setups. Autonomous invocation settings are default; no excessive privileges requested.

Assessment

This skill is coherent with its stated purpose, but before installing: 1) ensure pilotctl and clawhub are legitimate binaries from sources you trust; 2) be prepared that the pilot-* bridge skills you install (GitHub, Slack, webhooks) will likely require service tokens and permissions — verify how those bridge skills request and store credentials; 3) the setup writes a manifest to ~/.pilot/setups and runs pilotctl handshakes that establish trust between agents, so only run this in environments/hosts you control; 4) audit the individual pilot-* skills you install for access scope and endpoints before connecting them to production repos or channels.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspilotctl, clawhub

latestvk971s34j6vd9vt5m1vq6dtgjyh85argc

80downloads

0stars

1versions

Updated 5d ago

v1.0.0

MIT-0

Code Review Pipeline Setup

Deploy 3 agents that scan PRs, analyze code quality, and report review results.

Roles

Role	Hostname	Skills	Purpose
scanner	`<prefix>-scanner`	pilot-github-bridge, pilot-task-router, pilot-metrics	Runs static analysis and security scans on PRs
reviewer	`<prefix>-reviewer`	pilot-event-filter, pilot-alert, pilot-audit-log	Analyzes scan results, suggests improvements
reporter	`<prefix>-reporter`	pilot-webhook-bridge, pilot-slack-bridge, pilot-receipt	Posts PR comments, sends notifications

Setup Procedure

Step 1: Ask the user which role this agent should play and what prefix to use.

Step 2: Install the skills for the chosen role:

# For scanner:
clawhub install pilot-github-bridge pilot-task-router pilot-metrics

# For reviewer:
clawhub install pilot-event-filter pilot-alert pilot-audit-log

# For reporter:
clawhub install pilot-webhook-bridge pilot-slack-bridge pilot-receipt

Step 3: Set the hostname:

pilotctl --json set-hostname <prefix>-<role>

Step 4: Write the setup manifest:

mkdir -p ~/.pilot/setups
cat > ~/.pilot/setups/code-review-pipeline.json << 'MANIFEST'
{
  "setup": "code-review-pipeline",
  "setup_name": "Code Review Pipeline",
  "role": "<ROLE_ID>",
  "role_name": "<ROLE_NAME>",
  "hostname": "<prefix>-<role>",
  "description": "<ROLE_DESCRIPTION>",
  "skills": { "<skill>": "<contextual description>" },
  "peers": [ { "role": "...", "hostname": "...", "description": "..." } ],
  "data_flows": [ { "direction": "send|receive", "peer": "...", "port": 1002, "topic": "...", "description": "..." } ],
  "handshakes_needed": [ "<peer-hostname>" ]
}
MANIFEST

Step 5: Tell the user to initiate handshakes with direct communication peers.

Manifest Templates Per Role

scanner

{
  "setup": "code-review-pipeline", "setup_name": "Code Review Pipeline",
  "role": "scanner", "role_name": "Code Scanner",
  "hostname": "<prefix>-scanner",
  "description": "Runs static analysis, linting, and security scans on PRs.",
  "skills": {
    "pilot-github-bridge": "Watch for new PRs, fetch diffs and changed files for scanning.",
    "pilot-task-router": "Route scan tasks across analysis tools and collect results.",
    "pilot-metrics": "Track scan counts, finding severity distribution, and scan duration."
  },
  "peers": [
    { "role": "reviewer", "hostname": "<prefix>-reviewer", "description": "Receives scan results for code analysis" },
    { "role": "reporter", "hostname": "<prefix>-reporter", "description": "Final stage — does not communicate directly" }
  ],
  "data_flows": [
    { "direction": "send", "peer": "<prefix>-reviewer", "port": 1002, "topic": "scan-result", "description": "Scan results with findings and severity" }
  ],
  "handshakes_needed": ["<prefix>-reviewer"]
}

reviewer

{
  "setup": "code-review-pipeline", "setup_name": "Code Review Pipeline",
  "role": "reviewer", "role_name": "Code Reviewer",
  "hostname": "<prefix>-reviewer",
  "description": "Analyzes scan results, checks code patterns, suggests improvements.",
  "skills": {
    "pilot-event-filter": "Filter scan results by severity and relevance before analysis.",
    "pilot-alert": "Flag critical findings that need immediate attention.",
    "pilot-audit-log": "Log all review decisions for compliance and traceability."
  },
  "peers": [
    { "role": "scanner", "hostname": "<prefix>-scanner", "description": "Sends scan results from PR analysis" },
    { "role": "reporter", "hostname": "<prefix>-reporter", "description": "Receives review verdicts for reporting" }
  ],
  "data_flows": [
    { "direction": "receive", "peer": "<prefix>-scanner", "port": 1002, "topic": "scan-result", "description": "Scan results with findings and severity" },
    { "direction": "send", "peer": "<prefix>-reporter", "port": 1002, "topic": "review-verdict", "description": "Review verdict with suggestions and approval status" }
  ],
  "handshakes_needed": ["<prefix>-scanner", "<prefix>-reporter"]
}

reporter

{
  "setup": "code-review-pipeline", "setup_name": "Code Review Pipeline",
  "role": "reporter", "role_name": "Review Reporter",
  "hostname": "<prefix>-reporter",
  "description": "Formats review results, posts PR comments, tracks metrics.",
  "skills": {
    "pilot-webhook-bridge": "Post review comments to GitHub PRs via webhook.",
    "pilot-slack-bridge": "Send review summaries to Slack channels.",
    "pilot-receipt": "Confirm delivery of review notifications to external systems."
  },
  "peers": [
    { "role": "scanner", "hostname": "<prefix>-scanner", "description": "First stage — does not communicate directly" },
    { "role": "reviewer", "hostname": "<prefix>-reviewer", "description": "Sends review verdicts for reporting" }
  ],
  "data_flows": [
    { "direction": "receive", "peer": "<prefix>-reviewer", "port": 1002, "topic": "review-verdict", "description": "Review verdict with suggestions and approval status" },
    { "direction": "send", "peer": "external", "port": 443, "topic": "review-notification", "description": "Review notification posted to PR and Slack" }
  ],
  "handshakes_needed": ["<prefix>-reviewer"]
}

Data Flows

scanner -> reviewer : scan-result events (port 1002)
reviewer -> reporter : review-verdict events (port 1002)
reporter -> external : review-notification via webhook (port 443)

Handshakes

# scanner and reviewer handshake with each other:
pilotctl --json handshake <prefix>-reviewer "setup: code-review-pipeline"
pilotctl --json handshake <prefix>-scanner "setup: code-review-pipeline"

# reviewer and reporter handshake with each other:
pilotctl --json handshake <prefix>-reporter "setup: code-review-pipeline"
pilotctl --json handshake <prefix>-reviewer "setup: code-review-pipeline"

Workflow Example

# On reviewer — subscribe to scan results:
pilotctl --json subscribe <prefix>-scanner scan-result

# On reporter — subscribe to review verdicts:
pilotctl --json subscribe <prefix>-reviewer review-verdict

# On scanner — publish a scan result:
pilotctl --json publish <prefix>-reviewer scan-result '{"pr":142,"repo":"acme/api","findings":[{"file":"auth.go","line":58,"severity":"high","rule":"sql-injection"}]}'

# On reviewer — publish a review verdict:
pilotctl --json publish <prefix>-reporter review-verdict '{"pr":142,"status":"changes_requested","comments":1}'

Dependencies

Requires pilot-protocol skill, pilotctl binary, clawhub binary, and a running daemon.

Comments

Loading comments...