ClawHub

Code Review

v1.0.0

Code review best practices and workflow skill. Use when: reviewing pull requests, performing peer code review, setting up code review standards, or improving...

0· 60·0 current·0 all-time
byBingWang@sydpz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (code review best practices) match the contents: checklists, templates, per-language notes, and workflows. The skill requests no binaries, env vars, or installs that would be unnecessary for a documentation/template skill.
Instruction Scope
SKILL.md directs the reviewer to read PR descriptions, diffs, linked docs, and run standard review steps — all expected for a code-review assistant. It does not instruct reading unrelated files, accessing credentials, or sending data to external endpoints.
Install Mechanism
No install spec and no code files that execute — lowest-risk pattern for a skill composed of guidance and reference documents.
Credentials
The skill declares no required environment variables, credentials, or config paths, which is proportional to a documentation-only code-review helper.
Persistence & Privilege
always:false and normal user-invocable/autonomous-invocation defaults. The skill does not request persistent system presence or modify other skills; this is appropriate for its purpose.
Assessment
This skill is documentation-only and internally consistent with its stated purpose, so technical risk is low. Before installing, consider: (1) the source is unknown and there's no homepage — if provenance matters to you, review the files yourself; (2) adapt templates to your team's policies and sensitive-data handling rules (the guides remind reviewers to check for secrets, but avoid pasting private secrets into review comments); and (3) because it's instruction-only, it won't run code or exfiltrate data itself, but be cautious if you copy templates into automation that might call external services.

Like a lobster shell, security has layers — review code before you run it.

latestvk9750da7qs7enwf271ydwm511s83q698

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments