yinghaojia

Review Agent

by YinghaoJia · GitHub ↗ · v2.1.2 · MIT-0
darwin · linux · ⚠ suspicious
111 Downloads · 0 Stars · 0 Active Installs · 5 Versions
Install in OpenClaw
/install review-agent
Description
Pre-meeting review coach for Lark/Feishu (or WeCom). Invoked when a Requester DMs their dedicated review-agent subagent with a draft, proposal, plan, or 1:1...
Usage Guidance
Key things to check before installing or running this skill:
- Do not run install/update/patch scripts (install.sh / update.sh / feishu_seed_workspace_patch.py) on production systems until reviewed. These scripts clone code from a third‑party GitHub repo and apply a core patch to OpenClaw; review every line in those scripts and the patch file in a trusted environment.
- Verify the upstream repository and the publisher identity. Confirm the GitHub repo (https://github.com/jimmyag2026-prog/review-agent-skill) is trustworthy and inspect commit history, recent changes, and install scripts for unexpected network calls or arbitrary command execution.
- Audit scripts for network endpoints and secrets handling. Search the code for any hardcoded URLs, remote upload routines, or uses of open network sockets (e.g., dashboard-server.py), and confirm they point only to expected hosts.
- Check for undeclared credential needs. The skill will need Lark/Feishu app scopes and OpenClaw gateway credentials to function; do not supply broad platform tokens blindly. Prefer scoped service accounts and rotate tokens after testing.
- Sandbox first. Install and run the skill in an isolated test environment (VM/container) with no access to production secrets or tenant tokens, and simulate a minimal session to observe behavior, file writes, and outbound connections.
- Review persona/profile files and templates. Since persona files are injected into LLM system prompts, inspect agent_persona.md, boss_profile.md and other templates for any instructions that could force the model to leak data or override system-level safeguards.
- Disable automatic updates until you trust the source. Do not enable any auto-update behavior; prefer to pull updates manually after review.
- If you must proceed in production, minimize scope: restrict Lark/Feishu app scopes to the least privilege needed, do not apply the core patch until reviewed, and backup OpenClaw core before applying any modifications.
Capability Analysis
Type: OpenClaw Skill
Name: review-agent
Version: 2.1.2
The skill bundle implements a complex 'Review Agent' with significant system-level interactions. While the logic appears aligned with its stated purpose, it exhibits high-risk behaviors including the use of subprocesses to execute external binaries (pdftotext, tesseract, whisper) on user-provided files in 'ingest.py', and it requires an invasive 'source patch' to the OpenClaw core platform (modifying node_modules) as described in 'POST_INSTALL.md'. Additionally, it handles sensitive API keys across multiple legacy and current configuration paths and performs automated network requests to GitHub and OpenRouter. These capabilities, particularly the platform patching, represent a significant security risk and high attack surface, though no clear evidence of intentional malice was found.
Capability Tags
crypto · requires-oauth-token · requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The described functionality (per-peer review subagents, file-based sessions, Python scripts) aligns with the 'review coach' claim. However the SKILL and POST_INSTALL ask the admin to patch the OpenClaw core (feishu_seed_workspace_patch.py) and to grant Lark/Feishu app scopes — capabilities that are not declared in the registry metadata (no required env vars). Requesting a platform core patch is a heavy, privileged action that should be justified and audited.
Instruction Scope
Runtime instructions read and write many local files under ~/.openclaw and per-session folders; they also load persona/profile documents into LLM system prompts. The SKILL.md explicitly instructs running multiple scripts that will read boss_profile.md, review_rules.md, sessions/* files, and may access gateway/token config via openclaw. Admin docs instruct running external install/update scripts and applying a core patch. The skill's instructions therefore go beyond lightweight in‑agent behavior and include system-level modifications and network fetches, which is scope creep from a simple ‘review/coach’ capability.
Install Mechanism
The registry lists no formal install spec, but POST_INSTALL and README instruct admins to git clone a GitHub repo and run install.sh/update.sh which fetch code and apply a core patch. update.sh and install.sh will pull remote code (github.com/jimmyag2026-prog/...), and a supplied patch modifies openclaw core files. Fetching and running remote install/patch scripts is higher risk and should be audited before execution.
Credentials
The metadata claims no required env vars, but documentation and delivery/backends clearly expect platform credentials and tools: OpenClaw feishu gateway config (tenant access tokens), Lark/Feishu app scopes, optional send_mail/Gmail SMTP, and optional ~/bin/lark_send or ~/bin/send_mail helpers. Those credentials are functionally necessary for the skill to reach Responder/Requester or to push docs yet are not declared in requires.env. This mismatch is an incoherence and increases risk of unexpected access to sensitive tokens.
Persistence & Privilege
The skill asks admins to apply a persistent patch to the openclaw core to alter workspace seeding behavior and includes update/uninstall scripts that can change system state. While 'always: false', the core patch and admin helpers give the skill global effect on the platform (modifying how dynamic agent creation seeds personas). That is a substantial privilege and should not be applied without review; it also increases blast radius if the skill is later updated from upstream.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install review-agent
  3. After installation, invoke the skill by name or use /review-agent
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.2
v2.1.2 HOTFIX: monitor-*.js auto-discovery (was hardcoded macOS path — broke on Linux VPS). workspaceTemplate now absolute path with {agentId} placeholder (was: literal tilde that didn't expand in all openclaw runtime contexts). Patchers auto-recover from v2.0-v2.1.1 broken configs on re-run. See CHANGELOG.
v2.1.1
v2.1.1 HOTFIX: patch_openclaw_json.py was writing wrong feishu keys (dynamicAgents/dm/workspaceTemplate — these are wecom-plugin keys). Feishu schema rejected them -> gateway refused to start on every v2.0-v2.1.0 install. Fixed to use correct feishu-native channels.feishu.dynamicAgentCreation. Auto-cleans legacy bad keys on re-run so broken installs recover.
v2.1.0
v2.1.0: live-testing fixes + top-5 findings + attachment-first. 7 bugs resolved from first real Lark test. Q&A loop now defaults to top 5 most important findings (reply 'more' for deferred, 'done' to close). Attachment-first flow asks for material before review if none provided. Channel compat clarified: feishu+wecom only for per-peer subagent. Includes POST_INSTALL.md with Admin quickstart.
v2.0.2
v2.0.2: cosmetic fix — publish under clean display name 'Review Agent' (previous v2.0.1 had folder-derived name). Functional content unchanged.
v2.0.1
v2.0.1: initial ClawHub release. Pre-meeting review coach for Lark with per-peer subagent isolation via openclaw dynamicAgents. Four-pillar framework (Background/Materials/Framework/Intent) + Responder simulation + Q&A loop + 6-section decision brief. Includes uninstall.sh + update.sh.
Metadata
Slug review-agent
Version 2.1.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 5
Frequently Asked Questions

What is Review Agent?

Pre-meeting review coach for Lark/Feishu (or WeCom). Invoked when a Requester DMs their dedicated review-agent subagent with a draft, proposal, plan, or 1:1... It is an AI Agent Skill for Claude Code / OpenClaw, with 111 downloads so far.

How do I install Review Agent?

Run "/install review-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Review Agent free?

Yes, Review Agent is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Review Agent support?

Review Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).

Who created Review Agent?

It is built and maintained by YinghaoJia (@yinghaojia); the current version is v2.1.2.
