ClawHub

Requesting Code Review

v0.1.0

Use when completing tasks, implementing major features, or before merging to verify work meets requirements

3· 2.4k·78 current·85 all-time
by@zlc000190
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description (requesting code review) align with the SKILL.md and code-reviewer.md: both guide capturing git SHAs, producing a diff, and dispatching a code-review subagent/template. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
Instructions explicitly run git commands to compute BASE_SHA/HEAD_SHA and ask the agent to dispatch superpowers:code-reviewer with the provided template. This necessarily exposes repository diffs to the subagent (expected for a review). Minor mismatch in placeholder names: SKILL.md uses {PLAN_OR_REQUIREMENTS} while code-reviewer.md references {PLAN_REFERENCE} — this could lead to missing plan text if not filled consistently.
Install Mechanism
No install spec and no code files that execute on disk; instruction-only skill means nothing is written or downloaded during install.
Credentials
Skill requests no environment variables, credentials, or config paths; the requested access (git repo/diff) is proportionate to a code-review task.
Persistence & Privilege
always is false, default autonomous invocation allowed (normal). The skill does not request system-wide changes or modify other skills; no elevated persistence or privileges are requested.
Assessment
This skill is coherent for requesting automated human/agent code reviews: it runs git commands to produce diffs and sends those diffs and your provided plan/description to a review subagent. Before using it, confirm you trust the target reviewer/subagent (code diffs will be exposed to it), fix the placeholder name mismatch ({PLAN_OR_REQUIREMENTS} vs {PLAN_REFERENCE}) so plans are included, and ensure you run the commands in the intended repository/branch (SHA selection matters). If you have sensitive or proprietary code, verify where review outputs go and that the subagent won't forward code to external services you don't control.

Like a lobster shell, security has layers — review code before you run it.

latestvk973062tmkf3mw1a8ebn7az5fx80wynb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments