← Back to Skills Marketplace

Gitlab Mr Review

Name: Gitlab Mr Review
Author: wujinyuan

by zachary.wu · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

286

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install gitlab-mr-review

Description

Automatically fetches and reviews GitLab merge requests using a template to identify issues and post detailed, actionable review comments.

README (SKILL.md)

GitLab MR Review

This skill performs code reviews on GitLab merge requests using a standardized template.

Trigger

When user says something like:

"帮我review这个mr: ${url}"
"review this mr: ${url}"
"帮我审查这个mr: ${url}"

Workflow

Step 1: Extract MR URL and Project Info

Parse the MR URL to extract:

GitLab host (e.g., gitlab.snowballtech.com)
Project path (e.g., bp/iot-admin-arco)
MR IID (e.g., 1321)

Step 2: Configure glab for the GitLab instance

glab config set host https://\x3Chostname>

Step 3: Fetch MR Information

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>

Step 4: Fetch MR Changes (Diff)

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>/changes

Step 5: Analyze the Diff

Read the review template at code-review-template.md and analyze the diff for:

TODO/FIXME comments
Unfinished code
Hardcoded values
Potential bugs
Security issues
Code style issues
Missing error handling

Step 6: Generate Review Comment

Fill in the template with your analysis:

概述: Brief summary of what the MR does
优点: What went well
建议: Specific suggestions with file paths and line numbers
问题: Issues that need fixing
结论: Action items (checkboxes)

Step 7: Post Comment to MR

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>/notes --method POST \
  --raw-field body="$(cat review-comment.md)"

Or use inline with --raw-field body="\x3Ccontent>"

Tips

Use emoji to highlight severity (🔴 for critical, 🟡 for warnings, ✅ for good)
Be specific: include file paths and line numbers
Provide actionable feedback
Balance praise with constructive criticism

Usage Guidance

This skill appears to do what it says (fetch MR diffs and post review comments), but there are important omissions and small inconsistencies you should address before using it: - glab dependency: The SKILL.md runs 'glab' commands but the manifest does not declare that the glab CLI is required. Ensure glab is installed and tested on the agent host before using this skill. - Authentication: glab uses local configuration (personal access tokens or saved credentials). The skill does not declare or request credentials; verify which GitLab account the agent will use and whether you are comfortable letting it post comments using that identity. - Missing output file: The instructions post body from 'review-comment.md' (cat review-comment.md), but the repository only includes 'code-review-template.md' and not 'review-comment.md'. Confirm how the review content is generated/saved before posting (the template exists, but the exact write/read workflow is unclear). - Safety: The skill will post comments to real MRs when invoked. If you want to test safely, run it against a test repository or ensure the agent runs with read-only credentials until you trust the behavior. Recommendation: Ask the publisher (or edit the skill) to (1) declare 'glab' as a required binary, (2) document how authentication is handled (what credentials are needed and where they come from), and (3) fix the mismatch between 'review-comment.md' and the included template file. With those clarifications the skill would be coherent and likely benign; as-is it is sloppy and requires caution.

Capability Analysis

Type: OpenClaw Skill Name: gitlab-mr-review Version: 1.0.0 The skill is designed to automate GitLab merge request reviews by extracting project details from a URL and using the 'glab' CLI to fetch diffs and post comments. The workflow in SKILL.md and the template in code-review-template.md are consistent with the stated purpose and do not contain any evidence of malicious intent, data exfiltration, or harmful prompt injection.

Capability Assessment

⚠ Purpose & Capability

The skill claims to review GitLab MRs but the manifest declares no required binaries or credentials while the runtime instructions explicitly require the 'glab' CLI and rely on glab-stored GitLab credentials. This omission is inconsistent: a MR-reviewer skill normally must declare/globally require the glab binary (or equivalent API credentials).

ℹ Instruction Scope

SKILL.md outlines a narrow, sensible workflow (parse MR URL, fetch MR and changes, analyze diff using the provided template, post a comment). It does not instruct reading unrelated system files or exfiltrating data. However, it references posting content from 'review-comment.md' (cat review-comment.md) though that file is not included; it also assumes glab is configured with credentials (not documented).

✓ Install Mechanism

Instruction-only skill with no install spec or remote downloads — lowers risk. Nothing is written to disk by an installer. The only runtime risk comes from executing glab commands, which are invoked at runtime (not installed by the skill).

⚠ Credentials

The skill declares no environment variables or primary credential, yet it relies on glab which uses local configuration (including stored GitLab tokens). This is proportionate in purpose but the lack of explicit declaration/documentation about required credentials or how auth is handled is an omission that could surprise users.

✓ Persistence & Privilege

always is false and there is no install-time persistence. The skill can be invoked by agents autonomously (platform default), which is expected for a review tool, but users should be aware it will post comments to MRs when run.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install gitlab-mr-review
After installation, invoke the skill by name or use /gitlab-mr-review
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release: Automates GitLab merge request reviews with a standardized workflow. - Parses MR URLs from user input to extract project and MR details. - Fetches MR data and diffs using glab API commands. - Analyzes code changes for issues like TODOs, hardcoded values, bugs, and security concerns. - Generates structured review comments following a template (overview, pros, suggestions, issues, action items). - Posts review comments directly to the GitLab merge request.

Metadata

Slug gitlab-mr-review

Version 1.0.0

License MIT-0

All-time Installs 3

Active Installs 3

Total Versions 1

Frequently Asked Questions

What is Gitlab Mr Review?

Automatically fetches and reviews GitLab merge requests using a template to identify issues and post detailed, actionable review comments. It is an AI Agent Skill for Claude Code / OpenClaw, with 286 downloads so far.

How do I install Gitlab Mr Review?

Run "/install gitlab-mr-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Gitlab Mr Review free?

Yes, Gitlab Mr Review is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Gitlab Mr Review support?

Gitlab Mr Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Gitlab Mr Review?

It is built and maintained by zachary.wu (@wujinyuan); the current version is v1.0.0.

More Skills