ClawHub

Code Reviewer

v1.0.0

Code Review AI Assistant. Automated code review, find potential issues and improvement suggestions. Triggers: code review, review code, code quality, code an...

0· 62·0 current·0 all-time
by@sky-lv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (code review, security/performance/style checks) match the SKILL.md functionality. It does not request unrelated binaries, credentials, or system paths.
Instruction Scope
SKILL.md contains only function-level descriptions, examples, and configuration for rules; it does not instruct the agent to read arbitrary system files or environment variables. Note: it describes 'secrets' checking, so users may be tempted to submit code containing secrets—avoid sending production credentials.
Install Mechanism
There is no install spec or embedded code—this is instruction-only. The README suggests a 'clawhub install' command but the skill package itself contains no download/install instructions or external URLs beyond a repository field in skill.json.
Credentials
The skill declares no required environment variables, credentials, or config paths. Nothing in the SKILL.md asks for unrelated secrets or tokens.
Persistence & Privilege
Skill flags are default (not always:true). It does not request permanent presence or system-wide configuration changes.
Assessment
This skill appears internally consistent, but because it's instruction-only and authored externally you should: 1) Inspect the referenced repository (https://github.com/SKY-lv/code-reviewer) before running any install command to confirm it matches expectations. 2) Never paste production secrets or credentials into code you send to the skill—redact or use synthetic examples. 3) If you run 'clawhub install', review what that installer will fetch and run (scripts in the repo). 4) If you need stronger assurance, run the tool on isolated/test code or review the repository code locally before granting any broader use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fg7fqzhfcp81mx0dh170gb184m7jk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments