← Back to Skills Marketplace
emersonbraun

Code Review

by Emerson Braun · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
79
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install eb-code-review
Description
Multi-agent code review for pull requests. Checks for bugs, CLAUDE.md compliance, git history context, and previous PR comments. Uses confidence scoring to f...
README (SKILL.md)

Code Review — Multi-Agent PR Review

Provide a thorough, multi-perspective code review for pull requests using parallel agents with confidence-based filtering.

The goal is to find real, impactful bugs while avoiding false positives and nitpicks. A senior engineer wouldn't waste time on trivial issues — neither should this review.

Process

Follow these steps precisely:

1. Eligibility Check (Haiku agent)

Check if the pull request: (a) is closed, (b) is a draft, (c) does not need review (automated PR, trivially simple), or (d) already has a code review from you. If any condition is true, stop.

2. Discover CLAUDE.md Files (Haiku agent)

Get file paths (not contents) of relevant CLAUDE.md files: the root CLAUDE.md and any CLAUDE.md files in directories whose files the PR modified.

3. Summarize the Change (Haiku agent)

View the pull request and return a summary of the change.

4. Parallel Review (5 Sonnet agents)

Launch 5 parallel agents. Each returns a list of issues with the reason each was flagged:

Agent Focus
#1 — CLAUDE.md Compliance Audit changes against CLAUDE.md rules. Note: CLAUDE.md is guidance for code writing, so not all instructions apply during review.
#2 — Bug Scan Shallow scan for obvious bugs in the diff only. Focus on large bugs. Avoid nitpicks. Ignore likely false positives.
#3 — Git History Read git blame and history of modified code. Identify bugs in light of historical context.
#4 — Previous PRs Read previous PRs that touched these files. Check for comments that may apply to the current PR.
#5 — Code Comments Read code comments in modified files. Ensure changes comply with guidance in those comments.

5. Confidence Scoring (parallel Haiku agents)

For each issue found, launch a Haiku agent that scores confidence 0-100:

Score Meaning
0 False positive. Doesn't hold up to scrutiny, or pre-existing issue.
25 Might be real, might be false positive. Unable to verify. Stylistic issues not in CLAUDE.md.
50 Verified real issue, but may be a nitpick or rare in practice. Not very important relative to the PR.
75 Double-checked and very likely real. Will be hit in practice. Existing approach is insufficient. Directly mentioned in CLAUDE.md.
100 Absolutely certain. Confirmed real, happens frequently. Evidence directly confirms.

For CLAUDE.md issues, the agent must double-check that the CLAUDE.md actually calls out that issue specifically.

6. Filter

Discard issues scoring below 80. If no issues remain, proceed to step 8 with "no issues found."

7. Re-check Eligibility (Haiku agent)

Repeat the eligibility check from step 1 to make sure the PR is still eligible.

8. Post Comment

Use gh pr comment to post the review. Keep it brief, no emojis, cite and link relevant code/files/URLs.

Format (with issues):

### Code review

Found N issues:

1. \x3Cbrief description> (CLAUDE.md says "\x3C...>")

\x3Clink to file and line with full SHA + line range>

2. \x3Cbrief description> (bug due to \x3Cfile and code snippet>)

\x3Clink to file and line with full SHA + line range>

Format (no issues):

### Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

Link format: https://github.com/owner/repo/blob/\x3Cfull-sha>/path/to/file.ts#L10-L15

  • Must use full git SHA (not HEAD or short hash)
  • Include 1 line of context before and after the issue
  • Line range: L[start]-L[end]

False Positives to Ignore

These are NOT real issues:

  • Pre-existing issues (not introduced by this PR)
  • Something that looks like a bug but isn't
  • Pedantic nitpicks a senior engineer wouldn't mention
  • Issues a linter, typechecker, or compiler would catch (imports, types, formatting)
  • General code quality issues (coverage, docs) unless required by CLAUDE.md
  • CLAUDE.md violations explicitly silenced in code (lint ignore comments)
  • Intentional functionality changes related to the broader change
  • Real issues on lines the user did not modify

Notes

  • Do NOT check build signal, build, or typecheck. Those run separately in CI.
  • Use gh for all GitHub interactions (not web fetch)
  • Make a todo list first to track progress
  • Cite and link every bug (if from CLAUDE.md, link the specific file)
  • Consult references/review-patterns.md for advanced review patterns including blast-radius analysis, structured output templates, and test coverage gap detection.
Usage Guidance
This skill appears to implement a reasonable multi-agent PR review process, but a few things don't add up — decide before installing. Key points to consider: - gh CLI required: The SKILL.md expects to run gh (gh pr view, gh pr diff, gh pr comment, gh issue list/search). The skill metadata did not declare gh as a required binary. Ensure your agent environment actually has gh and understand that gh uses local auth (GH_TOKEN/GITHUB_TOKEN or gh auth) — the skill will need access to those credentials to read PRs and to post comments. - Credentials and scopes: To post PR comments the agent needs write permission on the repository. The skill did not document required auth type or minimal scopes. Prefer creating a token with the narrowest possible scope and test in a non-production repo first. - CLAUDE.md contradiction: The instructions say to get file paths but not contents for CLAUDE.md, yet later require auditing against CLAUDE.md rules (which requires reading contents). Clarify whether the skill will read CLAUDE.md contents and whether CLAUDE.md may contain sensitive info. - Data access: The skill will read commit history, blame, previous PRs and modified file contents. Ensure you are comfortable with an automated agent accessing your repo history and posting comments automatically. - Testing recommendation: Run the skill on a small, non-sensitive repository or a test PR to observe behavior and required permissions. Ask the skill author to explicitly declare required binaries (gh), required environment variables or token scopes, and to fix the CLAUDE.md read-vs-path inconsistency. If you need a stricter guarantee, require the skill to document exact gh commands and minimum GitHub token scopes before granting write access. Confidence note: medium — the overall purpose is coherent but the missing declarations around tooling and credentials and the CLAUDE.md contradiction create unresolved risks. Additional information (explicit required binaries, exact auth requirements, or an updated SKILL.md that removes the contradiction) would raise confidence to high.
Capability Analysis
Type: OpenClaw Skill Name: eb-code-review Version: 1.0.0 The skill bundle implements a sophisticated multi-agent workflow for performing GitHub pull request reviews. It uses the GitHub CLI (`gh`) to fetch PR data, analyze diffs, and post comments, with specific instructions in `SKILL.md` for confidence-based filtering and historical context analysis. The tool permissions are appropriately restricted to relevant `gh` subcommands, and the logic in `references/review-patterns.md` aligns with standard senior engineering practices without any signs of malicious intent, data exfiltration, or unauthorized execution.
Capability Assessment
Purpose & Capability
The SKILL.md clearly expects to drive GitHub via the gh CLI (view PRs, diffs, blame, post comments). However the top-level metadata lists no required binaries or primary credential. Declaring no required binaries or credentials is inconsistent with the skill's stated need to run gh and to post PR comments.
Instruction Scope
Instructions stay within code-review scope (read diffs, blame, previous PRs, CLAUDE.md rules, then post a gh pr comment). One internal contradiction: step 2 says to "Get file paths (not contents) of relevant CLAUDE.md files," but later steps require auditing against CLAUDE.md rules and double-checking CLAUDE.md text. That implies reading file contents, so the behavior is underspecified.
Install Mechanism
Instruction-only skill with no install spec or downloads. This minimizes surface area; nothing will be written to disk by an installer from the skill bundle itself.
Credentials
The skill will need GitHub credentials or a configured gh session to read PR data and to post comments (write access). Yet requires.env and primary credential are empty. The skill does not document the required auth scope (read vs write) or recommend limiting tokens, which is a proportionality/visibility gap.
Persistence & Privilege
always:false and no install hooks; the skill does not request permanent presence or system-wide changes. It will run only when invoked and relies on platform tooling (gh).
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install eb-code-review
  3. After installation, invoke the skill by name or use /eb-code-review
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Version 1.0.0 — Initial Release - Adds automated multi-agent code review for pull requests, focusing on bugs, CLAUDE.md compliance, git history, and previous PR comments. - Utilizes parallel agent architecture and confidence scoring to minimize false positives and avoid nitpicks. - Only flags significant, verifiable issues; issues must score at least 80/100 confidence to be reported. - Review process ignores pre-existing problems, stylistic nitpicks, and issues outside the scope of the modified code. - Provides concise, well-linked GitHub PR comments with clear and actionable feedback.
Metadata
Slug eb-code-review
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Code Review?

Multi-agent code review for pull requests. Checks for bugs, CLAUDE.md compliance, git history context, and previous PR comments. Uses confidence scoring to f... It is an AI Agent Skill for Claude Code / OpenClaw, with 79 downloads so far.

How do I install Code Review?

Run "/install eb-code-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Code Review free?

Yes, Code Review is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Code Review support?

Code Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Code Review?

It is built and maintained by Emerson Braun (@emersonbraun); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments