← Back to Skills Marketplace
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install java-maven-code-review
Description
Review a Java Maven project delivered as a ZIP archive or a GitLab repository URL for code规范, naming, module boundaries, maintainability problems, duplicated...
README (SKILL.md)
Java Maven Code Review
Use this skill when the user wants a 代码规范检查报告 for a Java Maven project.
Supported input
- Java Maven ZIP archive
- GitLab repository URL with user-authorized SSH access
Goal
Inspect Java Maven projects for:
- 命名规范问题
- 模块边界不清
- 结构不合理
- 重复逻辑
- 可维护性问题
- 配置与资源文件中的规范风险
Required output
Write a formal markdown report to business/.
Suggested filename:
business/\x3Cproject-name>-代码规范检查报告-YYYY-MM-DD.md
Minimum scan scope
- root
pom.xml - module
pom.xml src/main/javasrc/main/resources- optional
src/test/java - scripts / SQL / CI / Docker / deploy files
Evidence rules
Each important finding should include file path, module, code/config evidence, impact, and modification advice when possible.
Shared dependency
Use java-maven-common first when you need to normalize ZIP / GitLab input before review.
Bundled resources
scripts/scan_code_review.pytemplates/report.md
Usage Guidance
This skill appears to be a small, local scanner that looks for keyword-based issues and produces a markdown report — it does not contact external endpoints or require secrets by itself. Before installing, confirm: (1) the platform has the named shared dependency (java-maven-common) or else ZIP/GitLab inputs won't be handled; (2) the agent or helper that checks out GitLab repos is the component that will need SSH keys/tokens — do not point the scanner at a root path that exposes unrelated files (e.g., your home directory); (3) understand that the bundled script is rule/keyword-based and should be used as a first-pass tool, not a substitute for a manual security/design review.
Capability Analysis
Type: OpenClaw Skill
Name: java-maven-code-review
Version: 1.0.0
The skill bundle is a standard static analysis tool for Java Maven projects. The Python script (scripts/scan_code_review.py) performs local file scanning for hardcoded credentials, temporary code markers (TODO, FIXME), and configuration issues, then generates a Markdown report. There is no evidence of data exfiltration, malicious execution, or harmful prompt injection; all operations are consistent with the stated purpose of code review.
Capability Assessment
Purpose & Capability
Name and description match the included behavior: the Python script scans a project tree for simple keywords and emits a markdown report. The SKILL.md's expectation to accept ZIP or GitLab inputs is reasonable, but the skill itself defers normalization/checkout to a shared dependency ('java-maven-common'), which must be present for those input modes to work.
Instruction Scope
SKILL.md limits scanning to pom.xml, src/, resources, and CI scripts which matches the script's filesystem scan. However, the SKILL.md mentions GitLab SSH access and ZIP normalization but the bundled script does not perform repository checkout or network access — that responsibility is delegated to the named shared dependency. Ensure that the normalization step does not expand scope (e.g., by pointing root at unrelated filesystem locations).
Install Mechanism
No install spec; this is instruction-only with one bundled Python script. Nothing is downloaded or executed from external URLs during install.
Credentials
The skill declares no required environment variables or credentials, which matches the script. One caveat: supporting a 'GitLab repository URL with user-authorized SSH access' implies that some other component (the agent or the shared helper) will need SSH keys or GitLab tokens — those are not requested or documented here. Confirm how repository checkouts are performed and which component requires credentials.
Persistence & Privilege
always:false and no special privileges requested. The skill writes reports to paths provided at runtime (e.g., business/...), which is expected behavior for report generation; it does not modify other skills or system-wide configuration.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install java-maven-code-review - After installation, invoke the skill by name or use
/java-maven-code-review - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the java-maven-code-review skill.
- Reviews Java Maven projects (ZIP archive or GitLab URL) for code规范, naming, maintainability, duplications, and structure issues.
- Generates a formal markdown code规范检查报告 stored in the `business/` directory.
- Scans project structure including pom.xml, Java sources, resources, test code, and configuration scripts.
- Each report finding includes code evidence, impact, and整改建议.
- Integrates with `java-maven-common` for ZIP/GitLab input normalization.
- Provides bundled resources for scanning and reporting.
Metadata
Frequently Asked Questions
What is Java Maven Code Review?
Review a Java Maven project delivered as a ZIP archive or a GitLab repository URL for code规范, naming, module boundaries, maintainability problems, duplicated... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install Java Maven Code Review?
Run "/install java-maven-code-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Java Maven Code Review free?
Yes, Java Maven Code Review is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Java Maven Code Review support?
Java Maven Code Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Java Maven Code Review?
It is built and maintained by 刘岗强 (@mrliugangqiang); the current version is v1.0.0.
More Skills