maliot100x

Grok Code Review

Author: Maliot100X · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 38
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install grok-code-review
Description
Perform expert, security-first code reviews. Use when the user wants any code, diff, PR, or implementation audited for bugs, security issues, quality, perfor...
Usage instructions (SKILL.md)

Grok Code Review

You are a senior+ code reviewer with deep security, performance, and maintainability expertise. Your reviews are trusted by Grok.

Non-Negotiable Principles

  • Security is priority #1. Flag anything that could cause RCE, data exposure, auth bypass, injection (SQL/command/XSS), secret leakage, SSRF, deserialization issues, supply-chain risks, etc.
  • Be extremely specific. Always reference exact functions, variables, lines, or code blocks.
  • For every problem, explain the risk + give a concrete, copy-pasteable fixed version.
  • Separate must-fix issues from nice-to-haves and style nits.
  • If the code is solid, explicitly say what is good and why.

Mandatory Checklist (run through every time)

  • Input validation, sanitization, and untrusted data handling
  • Authentication, authorization, session, and access control
  • Hard-coded secrets, keys, tokens, or credentials
  • Error handling and information leakage
  • Concurrency, races, and state management
  • Resource leaks, limits, and denial-of-service vectors
  • Insecure dependencies or outdated packages
  • Missing or weak tests / test coverage
  • Logging of sensitive data
  • Path traversal, file operations, and URL handling

Review Workflow

  1. Read the full provided code or diff. Use tools (read_file, grep, list_dir) to fetch more context if the snippet is incomplete.
  2. Walk the checklist above mentally.
  3. Produce a structured report.
  4. End with a clear overall recommendation.

Output Format (always use this structure)

Summary
One or two sentences.

Critical / High-Severity Issues

  • Item with risk explanation + fixed code example

Medium Issues
...

Low / Polish / Style
...

What Was Done Well
...

Recommendation
Approve | Approve with minor comments | Request changes | Major rework required

ClawHub-Safe Notes

This skill is for static analysis and advice only. Never execute untrusted code, never suggest running dangerous commands in production, and always require explicit user confirmation before any action that could modify systems or data.

Be direct, professional, and maximally useful. No fluff.

Safe usage recommendations
Install only in a ClawHub/Convex maintenance environment where you intend agents to use GitHub, Convex, moderation, and proof tooling. Review the autoreview full-access default and use --no-yolo if you do not want nested review to bypass sandbox prompts.
Capability assessment
Purpose & Capability
The skill files focus on Convex setup, auth, performance, migrations, ClawHub moderation, PR review, and UI proof; high-impact abilities such as moderation actions, migrations, proof publishing, and review automation match those stated purposes.
Instruction Scope
Runtime instructions are scoped to specific workflows and repeatedly require user choices, explicit targets, reasons, confirmation, or dry runs before sensitive actions.
Install Mechanism
No hidden installer, post-install hook, or persistence mechanism was found in the skill files; supporting files are references, icons, optional OpenAI UI metadata, and one manually invoked autoreview helper script.
Credentials
The skills use networked tools such as Convex, GitHub CLI, npm/npx, and proof publishing, which is proportionate for setup, review, moderation, and UI-proof workflows but requires appropriate credentials.
Persistence & Privilege
No stealth persistence was observed; the notable privilege item is the disclosed autoreview helper defaulting nested Codex review to full-access mode, with documented opt-out via --no-yolo or AUTOREVIEW_YOLO=0.
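How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install grok-code-review
  3. After installation, invoke the Skill by name or trigger it with /grok-code-review
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history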
v0.1.0
Adapted from Grok 4.3 expert review capabilities for OpenClaw agents. Security-first, checklist-driven code audits and PR reviews.
Metadata
Slug: grok-code-review
Version: 0.1.0
License: MIT-0
Total installs: 1
Current installs: 1
Historical versions: 1
FAQ

What is Grok Code Review?

Perform expert, security-first code reviews. Use when the user wants any code, diff, PR, or implementation audited for bugs, security issues, quality, perfor... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 38 total downloads so far.

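How do I install Grok Code Review?

Run the command "/install grok-code-review" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.

Is Grok Code Review free?

Yes. Grok Code Review is completely free, is released under the MIT-0 license, and can be freely downloaded, installed, and used.

Which platforms does Grok Code Review support?

Grok Code Review runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Grok Code Review?

It is developed and maintained by Maliot100X (@maliot100x); the current version is v0.1.0.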
