← 返回 Skills 市场
wujinyuan

Gitlab Mr Review

作者 zachary.wu · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
286
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install gitlab-mr-review
功能描述
Automatically fetches and reviews GitLab merge requests using a template to identify issues and post detailed, actionable review comments.
使用说明 (SKILL.md)

GitLab MR Review

This skill performs code reviews on GitLab merge requests using a standardized template.

Trigger

When user says something like:

  • "帮我review这个mr: ${url}"
  • "review this mr: ${url}"
  • "帮我审查这个mr: ${url}"

Workflow

Step 1: Extract MR URL and Project Info

Parse the MR URL to extract:

  • GitLab host (e.g., gitlab.snowballtech.com)
  • Project path (e.g., bp/iot-admin-arco)
  • MR IID (e.g., 1321)

Step 2: Configure glab for the GitLab instance

glab config set host https://\x3Chostname>

Step 3: Fetch MR Information

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>

Step 4: Fetch MR Changes (Diff)

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>/changes

Step 5: Analyze the Diff

Read the review template at code-review-template.md and analyze the diff for:

  • TODO/FIXME comments
  • Unfinished code
  • Hardcoded values
  • Potential bugs
  • Security issues
  • Code style issues
  • Missing error handling

Step 6: Generate Review Comment

Fill in the template with your analysis:

  • 概述: Brief summary of what the MR does
  • 优点: What went well
  • 建议: Specific suggestions with file paths and line numbers
  • 问题: Issues that need fixing
  • 结论: Action items (checkboxes)

Step 7: Post Comment to MR

glab api projects/\x3Cproject>/merge_requests/\x3Ciid>/notes --method POST \
  --raw-field body="$(cat review-comment.md)"

Or use inline with --raw-field body="\x3Ccontent>"

Tips

  • Use emoji to highlight severity (🔴 for critical, 🟡 for warnings, ✅ for good)
  • Be specific: include file paths and line numbers
  • Provide actionable feedback
  • Balance praise with constructive criticism
安全使用建议
This skill appears to do what it says (fetch MR diffs and post review comments), but there are important omissions and small inconsistencies you should address before using it: - glab dependency: The SKILL.md runs 'glab' commands but the manifest does not declare that the glab CLI is required. Ensure glab is installed and tested on the agent host before using this skill. - Authentication: glab uses local configuration (personal access tokens or saved credentials). The skill does not declare or request credentials; verify which GitLab account the agent will use and whether you are comfortable letting it post comments using that identity. - Missing output file: The instructions post body from 'review-comment.md' (cat review-comment.md), but the repository only includes 'code-review-template.md' and not 'review-comment.md'. Confirm how the review content is generated/saved before posting (the template exists, but the exact write/read workflow is unclear). - Safety: The skill will post comments to real MRs when invoked. If you want to test safely, run it against a test repository or ensure the agent runs with read-only credentials until you trust the behavior. Recommendation: Ask the publisher (or edit the skill) to (1) declare 'glab' as a required binary, (2) document how authentication is handled (what credentials are needed and where they come from), and (3) fix the mismatch between 'review-comment.md' and the included template file. With those clarifications the skill would be coherent and likely benign; as-is it is sloppy and requires caution.
功能分析
Type: OpenClaw Skill Name: gitlab-mr-review Version: 1.0.0 The skill is designed to automate GitLab merge request reviews by extracting project details from a URL and using the 'glab' CLI to fetch diffs and post comments. The workflow in SKILL.md and the template in code-review-template.md are consistent with the stated purpose and do not contain any evidence of malicious intent, data exfiltration, or harmful prompt injection.
能力评估
Purpose & Capability
The skill claims to review GitLab MRs but the manifest declares no required binaries or credentials while the runtime instructions explicitly require the 'glab' CLI and rely on glab-stored GitLab credentials. This omission is inconsistent: a MR-reviewer skill normally must declare/globally require the glab binary (or equivalent API credentials).
Instruction Scope
SKILL.md outlines a narrow, sensible workflow (parse MR URL, fetch MR and changes, analyze diff using the provided template, post a comment). It does not instruct reading unrelated system files or exfiltrating data. However, it references posting content from 'review-comment.md' (cat review-comment.md) though that file is not included; it also assumes glab is configured with credentials (not documented).
Install Mechanism
Instruction-only skill with no install spec or remote downloads — lowers risk. Nothing is written to disk by an installer. The only runtime risk comes from executing glab commands, which are invoked at runtime (not installed by the skill).
Credentials
The skill declares no environment variables or primary credential, yet it relies on glab which uses local configuration (including stored GitLab tokens). This is proportionate in purpose but the lack of explicit declaration/documentation about required credentials or how auth is handled is an omission that could surprise users.
Persistence & Privilege
always is false and there is no install-time persistence. The skill can be invoked by agents autonomously (platform default), which is expected for a review tool, but users should be aware it will post comments to MRs when run.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install gitlab-mr-review
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /gitlab-mr-review 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Automates GitLab merge request reviews with a standardized workflow. - Parses MR URLs from user input to extract project and MR details. - Fetches MR data and diffs using glab API commands. - Analyzes code changes for issues like TODOs, hardcoded values, bugs, and security concerns. - Generates structured review comments following a template (overview, pros, suggestions, issues, action items). - Posts review comments directly to the GitLab merge request.
元数据
Slug gitlab-mr-review
版本 1.0.0
许可证 MIT-0
累计安装 3
当前安装数 3
历史版本数 1
常见问题

Gitlab Mr Review 是什么?

Automatically fetches and reviews GitLab merge requests using a template to identify issues and post detailed, actionable review comments. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 286 次。

如何安装 Gitlab Mr Review?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install gitlab-mr-review」即可一键安装,无需额外配置。

Gitlab Mr Review 是免费的吗?

是的,Gitlab Mr Review 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Gitlab Mr Review 支持哪些平台?

Gitlab Mr Review 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Gitlab Mr Review?

由 zachary.wu(@wujinyuan)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论