← Back to Skills Marketplace
jpaulgrayson

LogicArt Code Review

by JPaulGrayson · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
573
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install logicart-review
Description
AI-powered code analysis via LogicArt — find bugs, security issues, and get logic flow visualizations. Use when reviewing code, analyzing code quality, findi...
README (SKILL.md)

Code Review

AI code analysis powered by LogicArt at https://logic.art.

Analyze Code

node {baseDir}/scripts/analyze.mjs --code "function add(a,b) { return a - b; }"

Or analyze a file:

node {baseDir}/scripts/analyze.mjs --file path/to/code.js

API

Endpoint: POST https://logic.art/api/agent/analyze

curl -s -X POST "https://logic.art/api/agent/analyze" \
  -H "Content-Type: application/json" \
  -d '{"code": "your code here", "language": "javascript"}'

Response typically includes: bugs, security issues, complexity score, suggestions, and logic flow.

Full Repository Scans

For scanning entire repositories, use Validate Repo: https://validate-repo.replit.app

Presenting Results

When showing results to the user:

  1. Lead with critical bugs/security issues
  2. Show complexity score
  3. List suggestions by priority
  4. Include logic flow if provided

Works Great With

  • workflow-engine — Chain code reviews into CI/CD pipelines
  • quack-coordinator — Hire specialist reviewer agents

Powered by Quack Network 🦆

Usage Guidance
This skill is internally consistent for a remote code-review tool: it reads code (or any file you point it at) and POSTs the file contents to https://logic.art/api/agent/analyze. Before using: (1) confirm you trust logic.art and understand its privacy policy; (2) do not ask the skill or an autonomous agent to review sensitive files (private keys, credentials, .env files, proprietary secrets); (3) consider sanitizing or removing secrets from files before sending; (4) prefer pasting only the specific code you want analyzed rather than passing repository root paths or system paths; and (5) review the included scripts/analyze.mjs (it is small and readable) to verify no unexpected endpoints or obfuscation are present. If you need stricter guarantees, run analysis only on local tools or services that you control, or require an API key/authorization you manage.
Capability Analysis
Type: OpenClaw Skill Name: logicart-review Version: 1.0.0 The `scripts/analyze.mjs` script is vulnerable to Local File Inclusion (LFI) via the `--file` argument. If an attacker can trick the agent into providing a sensitive file path (e.g., `~/.ssh/id_rsa`), the script will read the content of that file and then transmit it to the external API `https://logic.art/api/agent/analyze`. While `logic.art` is the stated analysis endpoint, sending arbitrary local files to a third-party service without explicit consent for those specific files constitutes a significant data exfiltration risk, classifying this as suspicious.
Capability Assessment
Purpose & Capability
Name/description align with the implementation: the bundled script reads code (from --code or --file), determines language, and POSTs it to https://logic.art/api/agent/analyze for analysis. No unrelated env vars, binaries, or installs are requested.
Instruction Scope
SKILL.md and the script instruct running scripts/analyze.mjs with a --file path or --code. The script will read any file path provided and send its full contents to the remote API. That is appropriate for code review, but the instructions do not warn about sensitive files or secrets and do not filter/sanitize inputs — so a user or an autonomous agent could inadvertently exfiltrate private keys, credentials, or other secrets if asked to 'review' arbitrary paths.
Install Mechanism
No install spec; the skill is instruction-only with a small included Node script. No external downloads, package installs, or archive extraction are present.
Credentials
No environment variables, credentials, or config paths are requested. The script does not read environment secrets. Network access is required to reach the logic.art API, which is expected for a cloud-based analysis service.
Persistence & Privilege
always is false, no system-wide changes or skill-configuration modifications are made, and the skill does not request permanent presence or elevated privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install logicart-review
  3. After installation, invoke the skill by name or use /logicart-review
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Slug logicart-review
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is LogicArt Code Review?

AI-powered code analysis via LogicArt — find bugs, security issues, and get logic flow visualizations. Use when reviewing code, analyzing code quality, findi... It is an AI Agent Skill for Claude Code / OpenClaw, with 573 downloads so far.

How do I install LogicArt Code Review?

Run "/install logicart-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is LogicArt Code Review free?

Yes, LogicArt Code Review is completely free (open-source). You can download, install and use it at no cost.

Which platforms does LogicArt Code Review support?

LogicArt Code Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created LogicArt Code Review?

It is built and maintained by JPaulGrayson (@jpaulgrayson); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments