ClawHub

Repo Guardian

v1.4.1

Automated GitHub PR review governance and repository maintenance automation. Use when reviewing pull requests with dual-model consensus, enforcing merge gate...

0· 205·1 current·1 all-time
byCorbin Breton@corbin-breton

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for corbin-breton/repo-guardian.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Repo Guardian" (corbin-breton/repo-guardian) from ClawHub.
Skill page: https://clawhub.ai/corbin-breton/repo-guardian
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: GH_TOKEN, GUARDIAN_AGENT, GUARDIAN_REVIEWER_B_AGENT, GUARDIAN_REPO, GUARDIAN_AUTO_MERGE, GUARDIAN_AUTO_FIX, GUARDIAN_MAX_PRS, GUARDIAN_MAX_ISSUES
Required binaries: openclaw, python3, curl
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install repo-guardian

ClawHub CLI

Package manager switcher

npx clawhub@latest install repo-guardian
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description (automatic PR review, dual-model consensus, auto-merge, triage) aligns with what it requires: GH_TOKEN for GitHub API access, agent names to dispatch reviews, auto-merge/auto-fix and max limits. Required binaries (openclaw, python3, curl) are used by the included shell script and are appropriate.
Instruction Scope
SKILL.md and scripts explicitly fetch PR metadata, diffs and file lists and send them in prompts to configured OpenClaw agents for review (diffs truncated to 500 lines). That behavior is expected for this skill but is a privacy/data-exposure vector: repository code from open PRs will be transmitted to whatever model providers your agents are configured to use. The script avoids leaking GH_TOKEN into prompts and truncates large diffs; it also honors a 'skip-guardian' label. These protections are reasonable but you should confirm your model endpoints and retention policies.
Install Mechanism
No install spec (instruction-only plus included script). Nothing is downloaded or written by an installer; the runtime uses existing binaries. This is low-install-risk.
Credentials
Required environment variables are configuration flags and the GH_TOKEN credential needed to call the GitHub API. No unrelated credentials are requested. The documentation recommends limited scopes and differentiates read-only vs write for auto-merge—appropriate and proportionate.
Persistence & Privilege
The skill is user-invocable, not always-on. It can autonomously invoke models (platform default) and perform merges/comments when given a token and enabled flags; this matches the declared functionality. It does not request persistent elevated platform privileges or modify other skills' configs.
Assessment
This skill appears to do what it says, but before installing: 1) Use a fine‑grained GH token scoped only to the repository and only with write permissions if you enable auto-merge; leave write/remove scopes off if you only want review. 2) Be aware that PR diffs and filenames are sent to whichever model providers your OpenClaw agents use—confirm those providers, retention, and data-handling policies. 3) Test in dry-run mode and/or set GUARDIAN_AUTO_MERGE=false initially; use the 'skip-guardian' label on sensitive PRs. 4) Ensure the configured agent names (GUARDIAN_AGENT / GUARDIAN_REVIEWER_B_AGENT) map to trusted agent configurations so reviews go to the intended models. If you want further assurance, request the full (non-truncated) guardian.sh to review any truncated portions or to audit its complete merge/comment payload construction.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsopenclaw, python3, curl
EnvGH_TOKEN, GUARDIAN_AGENT, GUARDIAN_REVIEWER_B_AGENT, GUARDIAN_REPO, GUARDIAN_AUTO_MERGE, GUARDIAN_AUTO_FIX, GUARDIAN_MAX_PRS, GUARDIAN_MAX_ISSUES
Primary envGH_TOKEN
latestvk97fetn4v18ghaxyna6929n52x83xfgq
205downloads
0stars
9versions
Updated 4w ago
v1.4.1
MIT-0
Corbin Breton@corbin-breton
latest
Download

Repo Guardian — Dual-Model PR Review & Issue Triage

Automated repository maintenance with cross-model review consensus.

Scope & Boundaries

Repo Guardian handles PR review governance and repo maintenance automation: reviewing PRs, enforcing quality via dual-model consensus, auto-merging when approved, and triaging repository state.

It is not the issue-to-fix implementation pipeline. If the job is to fetch issues, spawn coding agents, implement fixes, open PRs, and monitor review feedback, use gh-issues instead.

It is also not a general-purpose GitHub CLI toolkit. For direct gh CLI operations such as listing PRs, commenting, checking CI, or making ad hoc API queries, use the github skill.

NOT For

  • Implementing issue fixes end-to-end — fetching issues, spawning coding agents, writing code, and opening PRs belongs to the gh-issues skill
  • General GitHub CLI operations — listing PRs, commenting, checking CI, or ad-hoc gh queries belong to the github skill
  • Code authoring or refactoring — Repo Guardian reviews and gates merges; it does not write new code

What It Does

Every 6 hours (configurable), Repo Guardian:

  1. Checks for open PRs on the target repo
  2. Reviews each PR with two independent models (Opus + GPT-5.4)
  3. Merges if both models approve
  4. Requests changes if either model finds issues
  5. Optionally prepares follow-up remediation for review-discovered issues
  6. Checks for open issues and triages them for the appropriate next step

Cron Setup

# Run the guardian script via OpenClaw cron
# Add to ~/.openclaw/cron/jobs.json:
{
  "repo-guardian": {
    "schedule": "0 */6 * * *",
    "agent": "<your-agent-name>",
    "message": "Run repo-guardian for your-org/your-repo",
    "skill": "repo-guardian"
  }
}

Or run manually:

bash <skill_dir>/scripts/guardian.sh your-org/your-repo

Review Process

PR Review (Dual-Model Consensus)

Open PR detected
  │
  ├─→ Opus reviews (security, architecture, correctness)
  ├─→ Sonnet reviews (code quality, edge cases, tests)
  │   (fallback: Haiku if Sonnet unavailable)
  │
  ├─ Both APPROVE → auto-merge (squash)
  ├─ One APPROVE, one REQUEST_CHANGES → post review comments, do not merge
  ├─ Both REQUEST_CHANGES → post review comments, do not merge
  └─ Either finds CRITICAL issue → post comments + label "needs-fix"

Issue Triage

Open issue detected
  │
  ├─ Assess complexity and routing (ready for automation vs needs human)
  ├─ Ready for implementation: hand off to the issue-fix pipeline (gh-issues)
  └─ Complex or unclear: add label "needs-human", post analysis comment

Review Criteria

Each model evaluates independently against:

  1. Correctness — Does the code do what the PR claims?
  2. Security — Any vulnerabilities, secret exposure, injection risks?
  3. Tests — Are changes tested? Do existing tests still pass?
  4. Scope — Does the PR stay within its stated purpose?
  5. Quality — Code style, error handling, edge cases, naming

Each model returns a structured verdict:

{
  "verdict": "APPROVE|REQUEST_CHANGES|CRITICAL",
  "summary": "One-line summary",
  "findings": [
    {"severity": "critical|major|minor", "file": "...", "line": 0, "issue": "...", "fix": "..."}
  ],
  "confidence": "high|medium|low"
}

Configuration

Environment variables (set in shell or .env):

  • GH_TOKEN — GitHub token with repo access (required)
  • GUARDIAN_AGENT — OpenClaw agent name for Reviewer A (default: $OPENCLAW_AGENT or default)
  • GUARDIAN_REVIEWER_B_AGENT — OpenClaw agent name for Reviewer B (default: same as GUARDIAN_AGENT; set to a different agent for true cross-model review)
  • GUARDIAN_REPO — Default repo (e.g., your-org/your-repo)
  • GUARDIAN_AUTO_MERGE — Enable auto-merge on consensus (true/false, default: true)
  • GUARDIAN_AUTO_FIX — Enable auto-fix for issues (true/false, default: false)
  • GUARDIAN_MAX_PRS — Max PRs to review per run (default: 5)
  • GUARDIAN_MAX_ISSUES — Max issues to process per run (default: 3)

Data Flow & Privacy

Repo Guardian sends PR diffs and file listings to the configured OpenClaw agent models for review. This means:

  • Repository code from open PRs is transmitted to your configured AI model providers (e.g., Anthropic, OpenAI) via the OpenClaw agent interface
  • No data is sent to any third-party endpoint beyond your configured model providers
  • Large diffs are truncated to 500 lines before transmission to limit exposure
  • The GH_TOKEN is used only for GitHub API calls and is never passed to AI model prompts
  • All JSON payloads to the GitHub API are constructed via Python json.dumps() to prevent injection

Recommended GH_TOKEN scopes: repo (read) for review-only mode; add repo (write) only if auto-merge is enabled. Use a fine-grained token scoped to the specific repository when possible.

Safety

  • Never force-pushes or modifies protected branches
  • Squash merges only — clean history
  • Labels PRs with review status for audit trail
  • Posts review comments with model attribution (which model said what)
  • Requires dual consensus — single model cannot merge alone
  • Skips PRs by org members marked with skip-guardian label
  • Dry-run mode available (--dry-run flag)
  • Credentials (GH_TOKEN) are user-configured via environment variables; Repo Guardian never stores, bundles, or transmits tokens
  • Auto-merge requires explicit opt-in (GUARDIAN_AUTO_MERGE=true); disabled by default
  • All review actions are logged with model attribution for full audit trail
  • The skill operates only on the repository specified by the user; it does not discover or access other repos

Run Trace Logging

Each Repo Guardian run emits a structured trace for audit and performance tracking. After completing all PR reviews and issue triages, write a trace entry:

### [YYYY-MM-DD HH:MM] repo-guardian run
- **Repo:** [owner/repo]
- **PRs reviewed:** [count] (merged: N, changes requested: N, critical: N)
- **Issues triaged:** [count] (routed to gh-issues: N, labeled needs-human: N)
- **Model agreement rate:** [% of PRs where both models reached same verdict]
- **Duration:** [approx time]
- **Anomalies:** [any unexpected behavior, timeouts, model disagreements worth noting]

Write traces to memory/performance/skill-runs.md (following the standard skill execution logging protocol). The model agreement rate is a key health metric — if it drops below 70% over 5+ runs, the review criteria may need recalibration.

Models Used

RolePrimaryFallback
Reviewer Aanthropic/claude-opus-4-6anthropic/claude-sonnet-4-6
Reviewer Banthropic/claude-sonnet-4-6anthropic/claude-haiku-4-5
Issue triageanthropic/claude-sonnet-4-6anthropic/claude-haiku-4-5

Note: GPT-5.4 (openai-codex/gpt-5.4) can be used as Reviewer B if the OpenAI Codex agent is configured and available in your deployment. When using GPT, set Reviewer B primary to openai-codex/gpt-5.4 with fallback anthropic/claude-sonnet-4-6.

Requirements

Required environment variables:

  • GH_TOKEN — A GitHub Personal Access Token. Must be set explicitly (the script will not fall back to gh auth token to avoid inadvertent scope leakage). Use a fine-grained PAT scoped to the specific target repository with read/write permissions for pull requests and issues.

Required binaries (must be on PATH):

  • openclaw — OpenClaw CLI (dispatches review prompts to configured model agents)
  • python3 — JSON construction and data parsing
  • curl — GitHub API calls

Required OpenClaw configuration:

  • At least one agent configured with access to Opus-tier and Sonnet/GPT-tier models for dual-model review

Comments

Loading comments...