Eo Ability Code Review

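Author: 467718584 · GitHub · v1.0.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 152
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install eo-ability-code-review
Description
Code review capability: calls the CodeReviewer expert for a full security, performance, and style review, and outputs an issue list and improvement suggestions.
Usage instructions (SKILL.md)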

eo-ability-code-review

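Code review capability - calls the CodeReviewer expert for a full security, performance, and style review

One-line summary

Calls the CodeReviewer expert for a full security/performance/style code review and outputs an issue list and improvement suggestions.

Core features

  • Security review: detection of security vulnerabilities such as SQL injection, XSS, and CSRF
  • Performance review: performance problems such as N+1 queries, missing indexes, and caching strategy
  • Style review: coding conventions, naming conventions, and comment completeness
  • Overall scoring: four-dimension scoring for security, performance, style, and overall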

Usage

# Full review
/code-review /path/to/code --scope all

# Security review
/code-review /path/to/code --scope security --rules strict

# Performance review
/code-review /path/to/code --scope performance

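Integration with EO plugins

  • Called by eo-workflow-blog (code quality gate)
  • Called by eo-workflow-paper (paper logic review)
  • Called by eo-workflow-security-audit (security vulnerability discovery)

Standalone operation modes (with EO vs. without EO)

| Mode | Capability |
|------|------------|
| With EO plugin | 141-expert library (CodeReviewer expert), real vulnerability detection, refactoring suggestions |
| Without plugin (basic) | LLM code review, general convention checks |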

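Example

🔍 Code Review Report

## Scores
| Dimension | Score | Grade |
|-----------|-------|-------|
| Security | 85/100 | B+ |
| Performance | 78/100 | B |
| Style | 92/100 | A- |
| **Overall** | **85/100** | **B+** |

## Issue list

### 🔴 High priority (3)
1. [Security] SQL injection risk - user input directly in query
2. [Security] XSS vulnerability - user input not escaped
3. [Performance] N+1 query problem - database queried inside a loop

### 🟡 Medium priority (5)
1. [Style] Non-standard variable naming
2. [Performance] Missing index

## Suggestions
- Use parameterized queries to prevent SQL injection
- Add input validation and escaping
- Use the ORM's eager loading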

Interface

Input

interface CodeReviewInput {
  codePath: string                // path to the code
  scope?: 'security' | 'performance' | 'style' | 'all'
  rules?: 'strict' | 'normal' | 'loose'
  language?: string               // programming language
}

Output

interface CodeReviewOutput {
  scores: {
    security: number            // 0-100
    performance: number         // 0-100
    style: number               // 0-100
    overall: number             // 0-100
  }
  issues: CodeIssue[]
  suggestions: string[]
  summary: string
}

🦞⚙️ Steel Lobster Legion (钢铁龙虾军团)

Security usage advice
This skill appears to do what it claims — automated code review — but be cautious before using it on sensitive repositories. The SKILL.md references a /code-review CLI and an external 'CodeReviewer' expert pool but provides no binaries or install steps, so make sure you understand how your platform will satisfy that dependency before running it. Test the skill on a non-sensitive example repo first, and don't supply code that contains secrets (API keys, credentials, private keys) until you trust the skill's source and the platform integration. If you need higher assurance, ask the publisher for details about the 'CodeReviewer' expert backend and any data handling / retention policies.
Functional analysis
Type: OpenClaw Skill
Name: eo-ability-code-review
Version: 1.0.0
The skill bundle defines a standard code review capability for an AI agent, focusing on security, performance, and style analysis. The files (_meta.json, SKILL.md) contain only descriptive metadata and interface definitions without any executable code, suspicious commands, or instructions for data exfiltration.
Capability assessment
Purpose & Capability
The name/description (code review for security/performance/style) matches the instructions and declared interfaces. The skill expects a codePath input and returns review results, which is appropriate for a code-review capability. One minor inconsistency: SKILL.md shows CLI usage (/code-review) and refers to a 'CodeReviewer专家' (CodeReviewer expert) expert pool, but the skill declares no required binaries or external dependencies — that CLI/expert is not provided in the skill bundle.
Instruction Scope
SKILL.md stays within the code-review domain: it describes running reviews, scoring, and producing issue lists. It implies reading the code at the provided codePath (expected). It does not instruct reading unrelated system files or environment variables. Note: because it will read repository files supplied as codePath, those files may contain secrets — the skill does not state any data-handling or exfiltration restrictions.
Install Mechanism
No install spec and no code files — lowest-risk execution model for an instruction-only skill. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. That aligns with a passive code-review helper. There are no unexpected credential requests in the SKILL.md.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request persistent or elevated privileges and does not attempt to modify other skills' configuration in its instructions.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install eo-ability-code-review
  3. Once installation completes, call the Skill by name or trigger it with /eo-ability-code-review
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v1.0.0
Initial release of eo-ability-code-review
  • Provides comprehensive code review capabilities focused on security, performance, and style.
  • Outputs a detailed issues list and actionable improvement suggestions.
  • Supports both strict and basic code review modes, adapting to presence or absence of EO plugins.
  • Integrates with other EO workflows for code quality, paper logic, and security auditing.
  • Delivers dimensional scoring and summary reports for comprehensive code quality assessment.
Metadata
Slug: eo-ability-code-review
Version: 1.0.0
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 1
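Frequently asked questions

What is Eo Ability Code Review?

A code review capability that calls the CodeReviewer expert for a full security, performance, and style review and outputs an issue list and improvement suggestions. It is an AI Agent Skill plugin for Claude Code / OpenClaw and has been downloaded 152 times in total so far.

How do I install Eo Ability Code Review?

Run the command "/install eo-ability-code-review" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.

Is Eo Ability Code Review free?

Yes. Eo Ability Code Review is completely free, is released under the MIT-0 license, and can be freely downloaded, installed, and used.

Which platforms does Eo Ability Code Review support?

Eo Ability Code Review runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Eo Ability Code Review?

It is developed and maintained by 467718584 (@467718584); the current version is v1.0.0.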
