← Back to Skills Marketplace
Step 1: Map Context (
Step 2: Exit Code Audit (
Step 3: Portability Check (
Step 4: Safety Patterns (
Step 5: Evidence Log (
78
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install nm-pensive-shell-review
Description
Audit shell scripts for correctness, portability, and common pitfalls
README (SKILL.md)
Night Market Skill — ported from claude-night-market/pensive. For the full experience with agents, hooks, and commands, install the Claude Code plugin.
Table of Contents
Shell Script Review
Audit shell scripts for correctness, safety, and portability.
Verification
After review, run shellcheck \x3Cscript> to verify fixes address identified issues.
Testing
Run pytest plugins/pensive/tests/skills/test_shell_review.py -v to validate review patterns.
Quick Start
/shell-review path/to/script.sh
When To Use
- CI/CD pipeline scripts
- Git hook scripts
- Wrapper scripts (run-*.sh)
- Build automation scripts
- Pre-commit hook implementations
When NOT To Use
- Non-shell scripts (Python, JS, etc.)
- One-liner commands that don't need review
Required TodoWrite Items
shell-review:context-mappedshell-review:exit-codes-checkedshell-review:portability-checkedshell-review:safety-patterns-verifiedshell-review:evidence-logged
Workflow
Step 1: Map Context (shell-review:context-mapped)
Identify shell scripts:
# Find shell scripts
find . -not -path "*/.venv/*" -not -path "*/__pycache__/*" \
-not -path "*/node_modules/*" -not -path "*/.git/*" \
-name "*.sh" -type f | head -20
# Check shebangs
rg -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
# fallback: grep -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
Document:
- Script purpose and trigger context
- Integration points (make, pre-commit, CI)
- Expected inputs and outputs
Step 2: Exit Code Audit (shell-review:exit-codes-checked)
@include modules/exit-codes.md
Step 3: Portability Check (shell-review:portability-checked)
@include modules/portability.md
Step 4: Safety Patterns (shell-review:safety-patterns-verified)
@include modules/safety-patterns.md
Step 5: Evidence Log (shell-review:evidence-logged)
Use imbue:proof-of-work to record findings with file:line references.
Summarize:
- Critical issues (failures masked, security risks)
- Major issues (portability, maintainability)
- Minor issues (style, documentation)
Output Format
## Summary
Shell script review findings
## Scripts Reviewed
- [list with line counts]
## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately
## Portability Issues
[cross-platform concerns]
## Safety Issues
[unquoted variables, missing set flags]
## Recommendation
Approve / Approve with actions / Block
Exit Criteria
- Exit code propagation verified
- Portability issues documented
- Safety patterns checked
- Evidence logged
Usage Guidance
This skill appears to do what it says: scan your repository's shell scripts for portability, exit-code, and safety issues. Before installing: (1) confirm what the two required config entries (night-market.pensive:shared and night-market.imbue:proof-of-work) point to and whether findings will be sent to an external service you trust; (2) ensure you are comfortable the agent can read the repo (find/rg/grep) and that no sensitive secrets are present in scripts you don't want exported; (3) have shellcheck/rg/pytest available if you want full verification; and (4) if you enable automatic invocation, review how and when evidence logging occurs so results aren't sent unexpectedly.
Capability Analysis
Type: OpenClaw Skill
Name: nm-pensive-shell-review
Version: 1.0.0
The shell-review skill bundle is a legitimate tool designed to audit shell scripts for safety, portability, and correctness. It utilizes standard Unix utilities (find, grep, rg) and linters (shellcheck) to identify common scripting pitfalls such as masked exit codes, unquoted variables, and non-portable bashisms. The instructions in SKILL.md and its modules are educational and strictly aligned with the stated purpose of improving script quality without any evidence of malicious intent or data exfiltration.
Capability Assessment
Purpose & Capability
Name/description claim to audit shell scripts and the SKILL.md contains only inspection and remediation guidance, grep/find detection patterns, and suggestions to run shellcheck — all directly relevant. The declared required config paths (night-market.pensive:shared and night-market.imbue:proof-of-work) map to documented evidence-logging behavior in the workflow and are plausible for a review/logging skill.
Instruction Scope
Instructions direct the agent to scan repository files (find, rg, grep) and to run checks like shellcheck and unit tests; this is appropriate for a review skill. However, the workflow explicitly instructs the use of imbue:proof-of-work to record findings (file:line references), which implies transmitting or storing review results via the configured Night Market/imbue integration — verify you trust that destination before enabling the skill.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install posture. It expects external tools (shellcheck, rg/grep, pytest) to be present but does not attempt to install anything.
Credentials
No environment variables or external credentials are requested. The only non-local requirements are two config paths (night-market.pensive:shared and night-market.imbue:proof-of-work) used for shared config and evidence logging; these are proportionate to a review-and-log workflow but warrant inspection so you know where findings will be recorded/transmitted.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent or elevated privileges. There is no indication it modifies other skills or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nm-pensive-shell-review - After installation, invoke the skill by name or use
/nm-pensive-shell-review - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the shell-review skill: audit shell scripts for correctness, safety, and portability.
- Provides a clear workflow for mapping context, checking exit codes, assessing portability, and verifying safety patterns.
- Documents required TodoWrite items and structured output format for review findings.
- Includes guidance for usage in CI/CD, pre-commit hooks, and automation scripts, with explicit usage and exclusion criteria.
- Integrates proof-of-work evidence logging for auditability.
Metadata
Frequently Asked Questions
What is Nm Pensive Shell Review?
Audit shell scripts for correctness, portability, and common pitfalls. It is an AI Agent Skill for Claude Code / OpenClaw, with 78 downloads so far.
How do I install Nm Pensive Shell Review?
Run "/install nm-pensive-shell-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Nm Pensive Shell Review free?
Yes, Nm Pensive Shell Review is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Nm Pensive Shell Review support?
Nm Pensive Shell Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Nm Pensive Shell Review?
It is built and maintained by athola (@athola); the current version is v1.0.0.
More Skills