← 返回 Skills 市场

Adversary Review

Name: Adversary Review
Author: keaneyan

作者 KeaneYan · GitHub ↗ · v1.2.0 · MIT-0

cross-platform ✓ 安全检测通过

113

总下载

当前安装

版本数

在 OpenClaw 中安装

/install adversary-review

功能描述

Mandatory adversarial review of all agent outputs. After drafting any response, a second AI instance (sub-agent) reviews and challenges the draft before deli...

使用说明 (SKILL.md)

Adversary Review

Every response to the user must pass adversarial review before delivery.

When to Use

EVERY response to the user, without exception. This is a mandatory quality gate.

How It Works

After drafting your response (but before sending it), spawn a sub-agent with a critical reviewer persona. The sub-agent examines your draft for problems, then you revise based on its feedback.

Step 1: Draft Your Response

Write your response as you normally would. Do not send it yet.

Step 2: Spawn Reviewer Sub-Agent

Use sessions_spawn with mode="run" and a cheaper model (e.g. qwen3.5-plus, gpt-4o-mini) to minimize cost. The reviewer does not need the full tool suite — it only reads text and outputs critique.

Note: This sends your draft text to the configured model provider's API. If you use cloud-based models, data will be sent to the provider's servers. Check your provider's data policy if handling sensitive content. For truly local review, configure a local model (e.g. ollama, LM Studio).

Spawn with this prompt template:

You are an adversarial reviewer. Examine the following draft response critically.

Draft:
"""
[YOUR DRAFT HERE]
"""

Check for:
1. Factual errors or unsubstantiated claims
2. Missing important caveats or edge cases
3. Logical contradictions
4. Tone issues (too apologetic, too confident, dismissive, etc.)
5. Missing follow-up suggestions that would be valuable
6. Overly verbose sections that could be trimmed
7. Any advice that could backfire or cause problems

Respond with exactly one of:
- PASS + one-line reason why it's fine
- List of specific issues, each with:
  - Where the problem is
  - Why it's a problem
  - Suggested fix

Be harsh. Be picky. Better to over-catch than to miss. You are the quality gate.

Step 3: Apply Feedback

Sub-agent says PASS → deliver your draft as-is
Sub-agent raises valid points → revise your draft, then deliver the improved version
Sub-agent is clearly wrong → trust your own judgment, deliver your version

Step 4: Deliver

When the review leads to substantive changes, briefly note the improvement (e.g. "Review caught X, fixed Y"). For minor edits, no need to mention. Focus on delivering the best result.

Privacy & Safety

The draft text is sent to a second AI model instance via the configured model API. If you use cloud-based models (e.g. qwen3.5-plus, gpt-4o-mini), this will send data to the provider's servers. For local-only review, use a local model provider (e.g. ollama, LM Studio).
Only the draft text (not full conversation history) is shared with the reviewer.
If the draft contains sensitive data (PII, credentials, etc.), the agent should skip the review step automatically.
Review exchanges are not persisted beyond the current agent session.

Exceptions

These situations do NOT need review:

HEARTBEAT_OK
System-level acks (tool results, NO_REPLY)
Purely mechanical confirmations with zero opinion content

Why This Matters

LLM outputs can contain subtle errors, missing context, or tone issues that are easy to miss from the creator's perspective. A second "pair of eyes" that is explicitly adversarial catches problems before they reach the user. This is the agent equivalent of code review.

Note: This review step adds latency and token usage per response.

Technical Details

No special configuration needed. To disable review, uninstall this skill.

安全使用建议

This skill appears to do what it says, but before installing: (1) confirm how your platform's sessions_spawn behaves — whether it sends only the supplied draft or includes extra context; (2) if you handle sensitive content, prefer configuring a local reviewer model (the SKILL.md suggests this) or ensure your model provider's data-retention policy meets your needs; (3) define a strict rule for detecting 'sensitive drafts' (so automatic skipping isn't left to vague judgment); (4) expect extra latency and token costs from every response; and (5) test the skill in a low-risk environment to verify it does not leak conversation history or persist reviewer exchanges.

功能分析

Type: OpenClaw Skill Name: adversary-review Version: 1.2.0 The 'adversary-review' skill implements a quality assurance workflow where the agent spawns a sub-agent to critique draft responses before they are finalized. While it utilizes the 'sessions_spawn' capability and sends draft text to a model API, the instructions in SKILL.md include explicit privacy warnings regarding sensitive data and cloud-based providers, and the behavior is entirely consistent with its stated purpose of improving response quality.

能力评估

✓ Purpose & Capability

Name, description, and runtime instructions all focus on having a second AI review drafts; no unrelated binaries, env vars, or installs are requested. The resources the skill uses (a model API) are proportional to its goal.

ℹ Instruction Scope

Instructions explicitly tell the agent to spawn a reviewer sub-agent and send the draft to the configured model API. This is coherent, but the SKILL.md makes claims (e.g., 'Only the draft text (not full conversation history) is shared', 'Review exchanges are not persisted', 'skip review automatically for sensitive drafts') without specifying how those guarantees are implemented. The policy for detecting 'sensitive data' is left to the agent's discretion, which is vague and could lead to accidental data exposure if misapplied. Also the sessions_spawn mechanism might, depending on platform behavior, include more context than the file-only draft — the skill doesn't document how to force minimal context.

✓ Install Mechanism

Instruction-only skill with no install spec or code files; nothing is written to disk and no external downloads are required, which minimizes install-time risk.

ℹ Credentials

The skill declares no required env vars or credentials, which is appropriate. However, it will implicitly use the agent's configured model provider credentials (to call sessions_spawn / provider APIs). That implicit use is expected for a reviewer, but users should be aware it causes additional API calls and transmits draft text to the provider.

✓ Persistence & Privilege

Skill is not always: true, does not request elevated or persistent system privileges, and does not modify other skills' configs. Autonomous invocation is allowed (platform default) but not excessive here.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install adversary-review
安装完成后，直接呼叫该 Skill 的名称或使用 /adversary-review 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.2.0

Fix security scan: removed false 'local' claims, honest data flow disclosure, added local model option for privacy-conscious users

v1.1.0

Fix security scan flags: added transparency (Step 4 now encourages noting review improvements), Privacy & Safety section, cost disclosure. Sensitive data auto-skip.

v1.0.2

English-only version. For bilingual EN/ZH version, see v1.0.1

v1.0.1

Added bilingual format note, clarified sub-agent spawn method and model recommendation

v1.0.0

Initial release: mandatory adversarial review for all agent outputs, bilingual EN/ZH

元数据

Slug adversary-review

版本 1.2.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 5

常见问题