
AANA Code Change Review Skill

Author: mindbomber · GitHub · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
57 total downloads · 1 favorite · 0 current installs · 1 version
Install in OpenClaw:
/install aana-code-change-review
Description
Reviews and verifies code changes for scope, correctness, security, testing, secrets, and risks before commits, PRs, or deployments.
Usage (SKILL.md)

AANA Code Change Review Skill

Use this skill when an OpenClaw-style agent may edit code, change configuration, run risky commands, create commits, open pull requests, claim tests passed, publish code, or make broad repository changes.

This is an instruction-only skill. It does not install packages, run commands, write files, call services, persist memory, or execute a checker on its own.

Core Principle

Code changes should be scoped to the request, reviewable, tested honestly, free of secrets, and reversible before they become commits, pull requests, releases, or deployed behavior.

The agent should separate:

  • files explicitly requested by the user,
  • files discovered during normal implementation,
  • unrelated files that must not be changed,
  • generated files that may change mechanically,
  • test evidence actually observed by the agent,
  • test claims that have not been verified,
  • commands that are safe to run,
  • commands that require approval or must be refused.

When To Use

Use this skill before:

  • editing source code, tests, schemas, configs, docs that affect behavior, or build files,
  • changing dependency files or lockfiles,
  • applying broad formatters or codemods,
  • deleting, moving, or overwriting repository files,
  • running commands that can modify files, state, branches, remotes, services, or data,
  • staging, committing, pushing, tagging, releasing, or opening pull requests,
  • claiming that tests, lint, type checks, builds, or security checks passed,
  • adding, exposing, logging, or copying secrets,
  • expanding scope beyond the user request.

Code Risk Classes

Treat these as higher risk:

  • authentication, authorization, billing, payment, health, legal, privacy, security, cryptography, or compliance code,
  • CI/CD, deploy, release, package, dependency, lockfile, and infrastructure changes,
  • database migrations, destructive scripts, data transformations, and cleanup tasks,
  • agent policy, tool permissions, memory, prompts, and guardrail behavior,
  • generated files that may hide broad source changes,
  • binary artifacts, large diffs, vendored code, and minified files,
  • commands that delete, overwrite, reset, force-push, publish, deploy, or alter persistent state.

AANA Code Review Loop

  1. Identify the requested change and the intended behavioral outcome.
  2. Map constraints: correctness, scope, security, privacy, testability, reversibility, and user approval.
  3. Inspect the diff or planned edit surface before finalizing.
  4. Check scope: confirm changes are limited to the requested problem and supporting tests/docs.
  5. Check secrets: verify no keys, tokens, credentials, private data, or sensitive logs are added or exposed.
  6. Check destructive commands: require approval before reset, force, delete, overwrite, deploy, publish, migration, or broad cleanup actions.
  7. Check evidence: report only tests and checks that actually ran; name any checks that were not run.
  8. Check commit or PR readiness: summarize diff, risks, tests, and any remaining uncertainty.
  9. Choose action: accept, revise, ask, defer, refuse, or route to human review.

Required Pre-Flight Checks

Before a code edit, commit, or PR, verify:

  • the user request and intended scope,
  • the file set being changed,
  • whether unrelated local changes already exist,
  • whether broad generated or formatted changes are expected,
  • whether any dependency, lockfile, migration, CI, deploy, or release files changed,
  • whether tests or checks are available and appropriate,
  • whether secrets or private data may appear in code, logs, fixtures, docs, or examples,
  • whether a command could destroy data, rewrite history, publish, deploy, or affect external systems.

Test Claim Rules

Do not claim a check passed unless it actually ran and returned success.

Use precise language:

  • "Ran X; it passed."
  • "Did not run tests because Y."
  • "Only X was run; broader coverage remains unverified."
  • "The check failed; here is the relevant failure."

Do not imply full validation from partial evidence. A targeted unit test is not a full release gate. A type check is not a security review. A successful local build is not proof that production deploy is safe.

Scope Creep Rules

Revise or ask before:

  • changing unrelated features,
  • refactoring beyond what is needed,
  • modifying public APIs without request or compatibility review,
  • changing dependency versions casually,
  • adding new frameworks or services,
  • altering policy, security, permission, memory, or telemetry behavior,
  • mixing cleanup with feature work unless the cleanup is required.

Secret Leakage Rules

Block or revise any change that includes:

  • API keys, bearer tokens, passwords, private keys, auth headers, session cookies, recovery codes,
  • real customer, patient, legal, financial, account, or personal data,
  • logs that expose credentials or private payloads,
  • example configs with real secrets,
  • screenshots, fixtures, or docs that contain sensitive values.

Prefer placeholders such as:

<REDACTED_API_KEY>
<REDACTED_TOKEN>
<REDACTED_ACCOUNT_ID>

Destructive Command Rules

Ask for explicit user approval before commands or tool actions that may:

  • delete files or directories,
  • overwrite user-authored work,
  • reset branches or working trees,
  • rewrite history,
  • force-push,
  • drop databases or apply irreversible migrations,
  • publish packages, releases, or websites,
  • deploy services,
  • change production, cloud, account, billing, or permission state.

Refuse or defer if the action would destroy unrelated work, bypass review, hide changes, or affect systems outside the user's request.

Commit And PR Gate

Before committing or opening a PR, confirm:

  • the diff matches the request,
  • unrelated changes are excluded,
  • tests/checks are truthfully reported,
  • risky files and commands are disclosed,
  • no secrets or private data are present,
  • the commit message or PR summary is accurate,
  • remaining risks or skipped checks are stated.

Review Payload

When using a configured AANA checker, send only a minimal review payload:

  • task_summary
  • change_type
  • changed_scope_summary
  • risk_classes
  • test_evidence
  • secret_scan_status
  • destructive_command_status
  • scope_status
  • recommended_action

Do not include raw secrets, private records, full logs, full diffs, or unrelated files when a redacted summary is enough.

Decision Rule

  • If the change is scoped, reviewed, tested honestly, secret-free, and non-destructive, accept.
  • If the change is useful but too broad, revise to the narrow requested scope.
  • If test evidence, path ownership, command risk, or user approval is unclear, ask.
  • If the change needs a security review, migration review, deploy review, or human code review, defer.
  • If the request would leak secrets, hide failures, destroy unrelated work, or bypass required approval, refuse and explain briefly.
  • If a checker is unavailable or untrusted, use manual code-change review.

Output Pattern

For code-sensitive work, prefer:

Code change review:
- Scope: ...
- Files: ...
- Risk: ...
- Tests: ran ... / not run ...
- Secret check: ...
- Command risk: ...
- Decision: accept / revise / ask / defer / refuse

Do not include this review block unless useful to the user, needed before a risky action, or requested by the review workflow.
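The skill above is instruction-only and ships no checker, so the following is an added example, not the skill's or the author's code: a small local review helper that walks the AANA loop mechanically over a unified diff, applies the scope, secret and destructive-command rules, fills the "Code change review:" block from the Output Pattern, and builds the minimal Review Payload with the field names listed above. The sample diff, the regexes, the risk-class names and the decision ordering (refuse, revise, ask, defer, accept) are this example's own assumptions, chosen to mirror the Decision Rule; a real deployment would tune the patterns to its own repository.

```python
"""Added example: mechanical pass over a diff in the spirit of the AANA review loop.
Hypothetical helper code; not part of the aana-code-change-review skill."""
import re
from dataclasses import dataclass

# Constructed sample unified diff (not from a real repository). It deliberately
# contains an in-scope auth change with a hard-coded key and an out-of-scope
# script that force-pushes, so every rule below has something to flag.
SAMPLE_DIFF = """\
diff --git a/src/auth/login.py b/src/auth/login.py
--- a/src/auth/login.py
+++ b/src/auth/login.py
@@ -1,3 +1,5 @@
 import os
+API_KEY = "sk_live_0123456789abcdef0123456789"
+print("debug token:", API_KEY)
 def login(user):
     return user
diff --git a/scripts/cleanup.sh b/scripts/cleanup.sh
--- a/scripts/cleanup.sh
+++ b/scripts/cleanup.sh
@@ -1,2 +1,3 @@
 #!/bin/sh
+git push --force origin main
 echo done
"""

# Assumed mapping from path fragments to the skill's "Code Risk Classes".
RISK_PATH_PATTERNS = {
    "auth_or_security": re.compile(r"(^|/)(auth|login|session|oauth|crypto)", re.I),
    "ci_cd_or_deploy": re.compile(r"(^|/)(\.github/|\.gitlab-ci|ci/|deploy|Dockerfile)", re.I),
    "dependency_or_lockfile": re.compile(r"(package(-lock)?\.json|yarn\.lock|poetry\.lock|go\.(mod|sum)|requirements[^/]*\.txt)$"),
    "migration": re.compile(r"(^|/)migrations?/", re.I),
    "script": re.compile(r"(^|/)scripts?/", re.I),
}

# Assumed secret shapes; the placeholder replaces the match in every report.
SECRET_PATTERNS = [
    ("<REDACTED_API_KEY>", re.compile(r"sk_(live|test)_[0-9A-Za-z]{16,}")),
    ("<REDACTED_ACCESS_KEY_ID>", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("<REDACTED_PRIVATE_KEY>", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
    ("<REDACTED_TOKEN>", re.compile(r"(?i)(api[_-]?key|token|password|secret)\s*[=:]\s*['\"][^'\"]{8,}['\"]")),
]

# Assumed commands that the skill says need explicit approval before they run.
DESTRUCTIVE_PATTERNS = [
    re.compile(r"git\s+push\s+.*(--force|-f)\b"),
    re.compile(r"git\s+reset\s+--hard"),
    re.compile(r"\brm\s+-rf\b"),
    re.compile(r"\bDROP\s+(TABLE|DATABASE)\b", re.I),
]


def changed_files(diff):
    """Paths named in 'diff --git' headers, in diff order."""
    return re.findall(r"^diff --git a/(\S+) b/", diff, flags=re.M)


def added_lines(diff):
    """Yield (path, text) for each added line, skipping the '+++' file header."""
    path = None
    for line in diff.splitlines():
        header = re.match(r"^diff --git a/(\S+) b/", line)
        if header:
            path = header.group(1)
        elif line.startswith("+") and not line.startswith("+++"):
            yield path, line[1:]


@dataclass
class Review:
    files: list
    out_of_scope: list
    risk_classes: list
    secrets: list        # (path, line with the secret already redacted)
    destructive: list    # (path, command line)
    tests_ran: list
    tests_not_run: list

    def decision(self):
        # Ordering mirrors the Decision Rule: refuse > revise > ask > defer > accept.
        if self.secrets:
            return "refuse"
        if self.out_of_scope:
            return "revise"
        if self.destructive or not self.tests_ran:
            return "ask"
        if "auth_or_security" in self.risk_classes or "migration" in self.risk_classes:
            return "defer"
        return "accept"


def review_diff(diff, requested_paths, tests_ran=(), tests_not_run=()):
    """Apply the scope, risk-class, secret and destructive-command checks to a diff."""
    files = changed_files(diff)
    out_of_scope = [f for f in files if f not in requested_paths]
    risk = sorted({name for f in files for name, rx in RISK_PATH_PATTERNS.items() if rx.search(f)})
    secrets, destructive = [], []
    for path, line in added_lines(diff):
        for placeholder, rx in SECRET_PATTERNS:
            if rx.search(line):
                secrets.append((path, rx.sub(placeholder, line)))
                break  # one finding per line is enough for the report
        if any(rx.search(line) for rx in DESTRUCTIVE_PATTERNS):
            destructive.append((path, line.strip()))
    return Review(files, out_of_scope, risk, secrets, destructive, list(tests_ran), list(tests_not_run))


def render_block(r):
    """Fill the skill's 'Code change review:' output pattern; never echoes raw secrets."""
    scope = "in scope" if not r.out_of_scope else "out of scope: " + ", ".join(r.out_of_scope)
    secret_detail = "; ".join(f"{p}: {l}" for p, l in r.secrets)
    return "\n".join([
        "Code change review:",
        f"- Scope: {scope}",
        f"- Files: {', '.join(r.files)}",
        f"- Risk: {', '.join(r.risk_classes) or 'none flagged'}",
        f"- Tests: ran {', '.join(r.tests_ran) or 'none'} / not run {', '.join(r.tests_not_run) or 'none'}",
        f"- Secret check: {len(r.secrets)} finding(s)" + (f": {secret_detail}" if r.secrets else ""),
        f"- Command risk: {'; '.join(f'{p}: {l}' for p, l in r.destructive) or 'none'}",
        f"- Decision: {r.decision()}",
    ])


def review_payload(r, task_summary, change_type):
    """Minimal payload with the field names from the Review Payload section; no diff, no logs."""
    return {
        "task_summary": task_summary,
        "change_type": change_type,
        "changed_scope_summary": f"{len(r.files)} file(s), {len(r.out_of_scope)} outside requested scope",
        "risk_classes": r.risk_classes,
        "test_evidence": {"ran": r.tests_ran, "not_run": r.tests_not_run},
        "secret_scan_status": "findings_redacted" if r.secrets else "clean",
        "destructive_command_status": "needs_approval" if r.destructive else "none",
        "scope_status": "out_of_scope" if r.out_of_scope else "in_scope",
        "recommended_action": r.decision(),
    }


if __name__ == "__main__":
    review = review_diff(SAMPLE_DIFF, {"src/auth/login.py"},
                         tests_ran=["pytest tests/test_login.py"], tests_not_run=["lint"])
    print(render_block(review))
    print(review_payload(review, "fix login bug", "code"))
```

Run on the constructed diff, the helper refuses (the hard-coded key wins over the scope and force-push findings) and reports the offending line only in redacted form, which is the point of the Secret Leakage Rules: the review artifact itself must not become a second copy of the secret. The "Tests:" line is filled only from what the caller says actually ran, so the helper cannot claim more validation than the agent observed.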

Safe-use advice
The skill text itself appears to be a benign code-review checklist, but the listed capability signals are unusually broad for that purpose. Before installing, verify whether those signals are platform permissions or false positives; if they are real, decline the unnecessary wallet, purchase, signing, and sensitive-credential access.
Feature analysis
Type: OpenClaw Skill · Name: aana-code-change-review · Version: 1.0.0
The skill bundle is an instruction-only package designed to provide safety guidelines for an AI agent performing code reviews. It contains no executable code, scripts, or network capabilities. The instructions in SKILL.md and the manifest.json configuration focus entirely on preventing security risks such as secret leakage, unauthorized destructive commands, and scope creep, while enforcing honest reporting of test results.
Capability tags
crypto, requires-wallet, can-make-purchases, can-sign-transactions, requires-sensitive-credentials
Capability assessment
Purpose & Capability
The SKILL.md and README describe an instruction-only code-change review guardrail, but the provided capability signals list high-impact wallet, purchase, transaction-signing, and sensitive-credential capabilities that are not explained by the code-review purpose.
Instruction Scope
The visible instructions are bounded and safety-oriented: they tell the agent to verify scope, avoid secrets, report only observed tests, and seek approval before destructive commands or publishing.
Install Mechanism
No install spec or code files are present; the manifest says dependencies are not installed and commands are not executed.
Credentials
For an instruction-only code-review skill, wallet, purchase, signing, and sensitive-credential capability signals appear disproportionate and unexplained.
Persistence & Privilege
The manifest states no memory persistence and no file writes, but the capability signals still suggest sensitive privilege requirements that should be clarified before installation.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment).
  2. Type the install command in the chat box: /install aana-code-change-review
  3. After installation, call the skill by name directly or trigger it with /aana-code-change-review.
  4. Provide the required input according to the skill's parameter description to get structured output.
Version history
v1.0.0
Initial release of the AANA Code Change Review Skill:
  • Provides detailed instructions and principles for safe, reviewable, and reversible code changes.
  • Defines pre-flight checks, test claim rules, scope creep rules, and secret leakage policies.
  • Outlines risk classes, destructive command handling, and review/approval loops.
  • Specifies output and review summary patterns for code-sensitive operations.
  • Ensures agents do not run commands, persist changes, or process secrets directly.
Metadata
Slug: aana-code-change-review
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Version count: 1
FAQ

What is the AANA Code Change Review Skill?

Reviews and verifies code changes for scope, correctness, security, testing, secrets, and risks before commits, PRs, or deployments. It is an AI Agent Skill plugin for Claude Code / OpenClaw, downloaded 57 times so far.

How do I install the AANA Code Change Review Skill?

Run the command "/install aana-code-change-review" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is the AANA Code Change Review Skill free?

Yes, the AANA Code Change Review Skill is completely free, released under the MIT-0 license, and can be freely downloaded, installed, and used.

Which platforms does the AANA Code Change Review Skill support?

The AANA Code Change Review Skill runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed the AANA Code Change Review Skill?

Developed and maintained by mindbomber (@mindbomber); current version v1.0.0.
