← Back to Skills Marketplace
1757597031-maker

Skill1

by 1757597031-maker · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
29
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install skill1
Description
自动审查代码,发现逻辑、性能、安全和风格问题,并提供详细改进建议和优先级排序。
README (SKILL.md)

---\r \r name: code-reviewer\r \r description: 对代码片段或 PR 变更进行自动化审查,指出潜在 bug、性能问题、安全漏洞和风格不一致,并给出改进建议。\r \r version: 1.0.0\r \r author: your-name\r \r tags:\r \r - code-review\r \r - development\r \r triggers:\r \r - 代码审查\r \r - review this code\r \r - code review\r \r ---\r \r \r \r # Code Reviewer Skill\r \r \r \r ## 描述\r \r 这是一个专业的代码审查技能,能够分析代码并生成详细的审查报告,重点关注逻辑错误、性能问题、安全风险和可读性。\r \r \r \r ## 使用场景\r \r 当用户提到需要审查代码、检查代码质量,或提供代码片段要求评估时激活。\r \r \r \r ## 工作流程\r \r \r \r ### 第一步:识别代码语言\r \r 首先确认用户提供的代码语言(Python、JavaScript、Go、Java、TypeScript 等)。\r \r \r \r ### 第二步:多维度分析\r \r 逐段分析代码,从以下四个维度评估:\r \r \r \r 1. **逻辑错误**\r \r - 边界条件处理\r \r - 空指针/null 引用风险\r \r - 类型错误或不匹配\r \r - 算法正确性\r \r \r \r 2. **性能问题**\r \r - 不必要的循环或重复计算\r \r - 内存泄漏风险\r \r - 资源未关闭(文件、连接等)\r \r - 低效的数据结构使用\r \r \r \r 3. **安全风险** 🔴\r \r - SQL 注入漏洞\r \r - XSS 跨站脚本\r \r - 硬编码密钥或凭证\r \r - 未验证的用户输入\r \r - 不安全的反序列化\r \r \r \r 4. **可读性与风格**\r \r - 命名规范(变量、函数、类)\r \r - 注释缺失或冗余\r \r - 函数过长或职责不单一\r \r - 重复代码(DRY 原则违反)\r \r \r \r ### 第三步:生成审查报告\r \r 对每个发现的问题,提供:\r \r \r \r - **严重程度**:🔴 高危 / 🟡 中等 / 🟢 轻微\r \r - **问题位置**:行号或代码段位置\r \r - **具体原因**:为什么这是个问题\r \r - **修复建议**:如何改进,附带代码示例\r \r \r \r ### 第四步:总结与优先级\r \r 输出总结,包括:\r \r \r \r - **整体代码质量评级**:优秀 / 良好 / 需改进 / 危险\r \r - **优先修复的 Top 3 问题**:按严重程度排序\r \r - **总体评价**:代码的优点和主要风险点\r \r \r \r ## 注意事项\r \r - 如果用户要求"自动修复",则可以提供修改后的完整代码块(仅限于明确安全的更改)。\r \r - 对于大型代码文件,优先审查用户指定的特定函数或模块。\r \r - 确保建议符合目标语言的最佳实践。\r \r \r \r ## 输出格式示例\r \r

\r
\# 代码审查报告\r
\r
\r
\r
\## 整体评级:良好\r
\r
\r
\r
\## 发现的问题\r
\r
\r
\r
\### 🔴 高危问题\r
\r
1\. \*\*\[行 23]\*\* SQL 注入风险\r
\r
   - \*\*原因\*\*:直接拼接用户输入到 SQL 查询\r
\r
   - \*\*建议\*\*:使用参数化查询\r
\r
   ```python\r
\r
   # 修复方案\r
\r
   cursor.execute("SELECT \* FROM users WHERE id = ?", (user\_id,))\r
\r
Usage Guidance
Safe to install if you want a structured code-review helper. Be aware it may trigger on general phrases like “code review”; invoke it explicitly when you want that workflow.
Capability Assessment
Purpose & Capability
The artifact describes reviewing code snippets or PR changes for bugs, performance issues, security risks, and style, which matches its stated purpose.
Instruction Scope
The triggers and usage guidance are somewhat broad for ordinary code-review discussions, but the resulting behavior is limited to analysis and suggested fixes.
Install Mechanism
The package contains only a single SKILL.md markdown file and declares no dependencies, scripts, installers, or package execution steps.
Credentials
The skill does not request shell access, broad repository indexing, credentials, network calls, or local file access beyond user-provided code context.
Persistence & Privilege
No persistence, background workers, privilege escalation, credential/session use, or automatic mutation behavior is present.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill1
  3. After installation, invoke the skill by name or use /skill1
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of code-reviewer skill. - 自动化审查代码片段或 PR 变更,检测潜在 bug、性能问题、安全漏洞和风格不一致。 - 审查报告包括严重程度、问题位置、原因说明和改进建议。 - 支持多种编程语言(Python、JavaScript、Go、Java、TypeScript 等)。 - 输出整体代码质量评级、优先修复问题及总体评价。 - 支持自动修复部分问题(在安全的前提下)。
Metadata
Slug skill1
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Skill1?

自动审查代码,发现逻辑、性能、安全和风格问题,并提供详细改进建议和优先级排序。 It is an AI Agent Skill for Claude Code / OpenClaw, with 29 downloads so far.

How do I install Skill1?

Run "/install skill1" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill1 free?

Yes, Skill1 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill1 support?

Skill1 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill1?

It is built and maintained by 1757597031-maker (@1757597031-maker); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments