功能描述

Run a structured adversarial multi-agent review loop on any significant document. Spawns parallel Opus reviewers with different critical lenses, collects str...

使用说明 (SKILL.md)

Adversarial Review

Name: Adversarial Review
Author: scott3j

Structured multi-agent review loop. Catches what a single agent misses.

Session store: ~/.openclaw/workspace/reviews/
Process: Init session → spawn Opus reviewers → collect redlines → position on each → produce v2 → deliver

Complexity Self-Assessment

Run this check whenever you produce a substantial document. Score 1 point per signal present. If score ≥ 3, offer the review loop without being asked.

#	Signal	Points
1	Has multiple interdependent components (failure in one affects others)	1
2	Involves schema changes, migrations, or index design	1
3	Irreversible or expensive to undo (data loss, structural rework)	1
4	Affects production systems, stored data, or external services	1
5	Introduces new abstractions, taxonomies, or data models	1
6	Has a defined sequence of steps where order matters	1
7	Contains security, access control, or permission logic	1
8	Will be acted on by code or agents without further human review	1
9	Document is longer than ~500 lines or covers 3+ distinct systems	1
10	Scott said "let's build this" or "implement this" at any point in the conversation	1

Score 0–2 → skip. Simple doc, don't add noise.

Score 3–6 → offer. "This scores [N]/10 on complexity. Want me to run the review team on it before we act?"

Score 7–10 → strongly recommend. Don't just offer — make the case. "This scores [N]/10 on complexity — multiple interdependent systems, production consequences, hard to reverse. I'd strongly recommend running the review team before we act on this. Today's taxonomy strategy was a 10/10 and the review caught 14 issues including multiple production-breaking bugs."

Quick Reference

Step	Action
0. Init session	`scripts/new-review.sh \x3Cslug> \x3Cpath-to-doc>`
1. Choose reviewers	Read `references/review-types.md` for the right bundle
2. Spawn reviewers	`sessions_spawn` with `model=anthropic/claude-opus-4-6`, `mode=run` — all in parallel
3. Wait	Reviewers auto-announce. Do NOT poll.
4. Save raw output	Write each reviewer result to `redlines/reviewer-{role}.md`
5. Synthesize	`scripts/synthesize.sh \x3Csession-dir>` → writes `redlines/combined.md`
6. Position	AGREE / DISAGREE / MODIFY on every redline → write `positions.md`
7. Produce v2	Write `output/{slug}-v2.md` incorporating accepted changes + rejected appendix
8. Deliver	`scripts/cp-output.sh \x3Csession-name> \x3Cdestination>`

Session Directory Structure

~/.openclaw/workspace/reviews/{YYYY-MM-DD}-{slug}/
├── input/
│   └── {original-filename}       ← copy of doc being reviewed
├── redlines/
│   ├── reviewer-{role}.md        ← raw output per reviewer
│   └── combined.md               ← synthesize.sh output (sorted by severity)
├── positions.md                  ← farsight agree/disagree log
└── output/
    └── {slug}-v2.md              ← final document

Review Types

Document Type	Reviewer A	Reviewer B
Architecture / strategy	Theory & data modeling	Implementation & systems
Pipeline / workflow	Sequencing & dependencies	Failure modes & ops
Schema / migration	SQL correctness & constraints	Performance & indexes
Security design	Threat modeling	Implementation gaps
Marketing / positioning	Message clarity & truth	Competitive exposure
API / interface design	Consistency & contracts	Consumer experience

For full persona prompt templates → read references/reviewer-personas.md
For pre-configured bundles → read references/review-types.md

Spawning Reviewers

Spawn ALL reviewers simultaneously — parallel, not sequential. Independent reviewers find different issues.

Model Selection

Doc Score	Default Model	Rationale
7–10	`anthropic/claude-opus-4-6`	Deep reasoning required; subtle architectural flaws need Opus
3–6	`anthropic/claude-sonnet-4-6`	Worth trying; structured prompts may close the gap

A/B testing note: If Sonnet misses a CRITICAL issue that Opus would have caught on a 3–6 doc, upgrade that doc type to Opus permanently. Track findings in references/model-notes.md as patterns emerge.

Key parameters for every reviewer spawn:

model: anthropic/claude-opus-4-6   ← or sonnet for 3-6 scored docs
mode: run
runTimeoutSeconds: 300
label: reviewer-{role}

The task field contains the full reviewer prompt from references/reviewer-personas.md plus the document content to review.

Positioning Rules

For EVERY redline, take an explicit position. No skipping.

Position	When	Requirement
AGREE	Critique is correct, change should be made	State what changes
DISAGREE	Original design is defensible	Must provide rationale — not just dismissal
MODIFY	Issue is real, suggested resolution is wrong	Propose your alternative

All CRITICAL redlines default to AGREE unless strongly defensible.
At least 1 DISAGREE expected — if zero, you may be rubber-stamping.

Write positions to positions.md in the session directory.

v2 Requirements

Revision table at the top (what changed and why)
All AGREE + MODIFY changes incorporated
Rejected redlines documented in an appendix ("considered and rejected")
Version bumped, date updated
Saved to output/{slug}-v2.md

Quality Bar

A good review session produces:

≥2 CRITICAL issues (if zero, reviewers weren't adversarial enough — re-spawn with harder prompt)
≥1 DISAGREE from farsight (if zero, consider whether the doc was genuinely perfect or just unchallenged)
A v2 meaningfully different from v1

Redline Format

**[REDLINE-{TYPE}-{NNN}]** {Section reference}
**Claim:** What the document says
**Challenge:** The specific objection or gap
**Severity:** CRITICAL | MAJOR | MINOR
**Suggested Resolution:** What should change

Full spec → read references/redline-format.md

安全使用建议

This skill appears to be what it says (a structured review workflow) but there are a few things to check before installing or using it widely: - Missing runtime dependency: synthesize.sh writes and runs a temporary Node.js script and requires the node binary, but the skill does not declare node as a required binary. Ensure node is available on the host or modify the script to use an available runtime. - Model invocation assumption: SKILL.md expects the agent to spawn reviewers with named models (e.g., anthropic/claude-opus-4-6). Confirm your platform provides access to those models or that you are comfortable with the platform's model invocation behavior; otherwise reviewer spawning will fail or behave differently. - Local storage: the skill will copy reviewed documents into ~/.openclaw/workspace/reviews and persist reviewer outputs, positions, and final v2 documents. If you handle sensitive documents, consider storage location, encryption, or cleanup policies. - Self-triggering behavior: the skill instructs agents to run a self-assessment automatically when producing substantial documents. Decide whether you want that behavior enabled by default — if you don't, avoid loading/activating the skill persistently or ensure the agent's skill-eligibility rules prevent automatic runs. If you accept these conditions, the skill is functionally coherent. If you need to trust it with highly sensitive documents, review and, if necessary, modify the scripts (or change the session path) and confirm model access/permissions first.

功能分析

Type: OpenClaw Skill Name: adversarial-review Version: 1.0.0 The bundle contains a critical shell injection vulnerability in `scripts/cp-output.sh` due to the use of `eval` on the `$DESTINATION` argument, which allows arbitrary command execution if the path is influenced by an attacker. Additionally, `SKILL.md` contains 'self-triggering' instructions designed to override the agent's behavior and force the review loop on all substantial documents, a form of prompt injection. While the stated purpose of adversarial document review is legitimate, the combination of high-risk shell patterns and behavioral overrides warrants caution.

能力评估

ℹ Purpose & Capability

The name/description match the included files: reviewer persona templates, review-type bundles, and shell/node helper scripts for session init, synthesis, and copying output. However, SKILL.md instructs spawning reviewers using specific high-capability models (e.g., anthropic/claude-opus-4-6) while the skill declares no required environment variables or credentials for model/API access. That may be fine if the hosting platform provides model access, but it is an implicit requirement that isn't documented. Also the skill includes runtime scripts that expect a node runtime (synthesize.sh creates and runs a temporary Node script) but the skill declares no required binaries; this is a clear undeclared dependency.

ℹ Instruction Scope

Instructions are detailed and constrained to the review workflow: create a session dir under ~/.openclaw/workspace/reviews, copy the input doc there, spawn reviewers (via sessions_spawn with explicit model/params), write per-reviewer redlines, synthesize combined results, record positions, and produce a v2. This is consistent with the stated purpose. Two things to note: (1) the skill instructs agents to self-trigger the Complexity Self-Assessment whenever producing substantial documents — that grants the skill broad, frequent usage if the host agent honors it; (2) the workflow reads and writes user documents into a home-directory workspace (~/.openclaw), so it will store local copies of any reviewed documents.

⚠ Install Mechanism

There is no install spec (instruction-only), which is low-risk normally. However, synthesize.sh dynamically writes and executes a Node.js script (calls node). The skill does not declare 'node' (or npm) as a required binary. If node is not present on the host, synthesis will fail. The lack of declared runtime/binary requirements is an inconsistency that could lead to runtime errors or surprising behavior; the skill also writes temporary files under /tmp and persistent files under the user's home directory (expected for a session store).

✓ Credentials

The skill requests no environment variables, no credentials, and no config paths beyond creating and using ~/.openclaw/workspace/reviews. It does not attempt to read or exfiltrate other system credentials. The lack of any requested API keys is consistent if the platform supplies model invocation capability; if not, model spawning steps may fail silently or require additional platform-level credentials.

ℹ Persistence & Privilege

always:false and disable-model-invocation:false (defaults) — the skill is not forced into every agent run, but SKILL.md explicitly urges SELF-TRIGGERING behavior (instructs the agent to run the complexity self-assessment whenever producing substantial documents). That is a behavioral scope request (not a platform-level always:true), and it could lead to frequent automatic usage if the agent honors it. The skill creates and persists session data under ~/.openclaw/workspace/reviews which is expected for its function.

版本历史

v1.0.0

- Initial release of adversarial-review skill. - Enables structured, multi-agent review loops for significant documents with automated complexity self-assessment. - Spawns parallel Opus reviewers with diverse critical lenses, collects structured redlines, and guides agreement/disagreement and v2 document production. - Provides clear review process, positioning rules, and quality expectations. - Includes comprehensive reviewer type selection and session directory guidelines for workflow transparency.

元数据

Slug adversarial-review

版本 1.0.0

许可证 MIT-0

累计安装 2

当前安装数 2

历史版本数 1

常见问题