← 返回 Skills 市场
Step 1: Map Context (
Step 2: Exit Code Audit (
Step 3: Portability Check (
Step 4: Safety Patterns (
Step 5: Evidence Log (
78
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install nm-pensive-shell-review
功能描述
Audit shell scripts for correctness, portability, and common pitfalls
使用说明 (SKILL.md)
Night Market Skill — ported from claude-night-market/pensive. For the full experience with agents, hooks, and commands, install the Claude Code plugin.
Table of Contents
Shell Script Review
Audit shell scripts for correctness, safety, and portability.
Verification
After review, run shellcheck \x3Cscript> to verify fixes address identified issues.
Testing
Run pytest plugins/pensive/tests/skills/test_shell_review.py -v to validate review patterns.
Quick Start
/shell-review path/to/script.sh
When To Use
- CI/CD pipeline scripts
- Git hook scripts
- Wrapper scripts (run-*.sh)
- Build automation scripts
- Pre-commit hook implementations
When NOT To Use
- Non-shell scripts (Python, JS, etc.)
- One-liner commands that don't need review
Required TodoWrite Items
shell-review:context-mappedshell-review:exit-codes-checkedshell-review:portability-checkedshell-review:safety-patterns-verifiedshell-review:evidence-logged
Workflow
Step 1: Map Context (shell-review:context-mapped)
Identify shell scripts:
# Find shell scripts
find . -not -path "*/.venv/*" -not -path "*/__pycache__/*" \
-not -path "*/node_modules/*" -not -path "*/.git/*" \
-name "*.sh" -type f | head -20
# Check shebangs
rg -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
# fallback: grep -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
Document:
- Script purpose and trigger context
- Integration points (make, pre-commit, CI)
- Expected inputs and outputs
Step 2: Exit Code Audit (shell-review:exit-codes-checked)
@include modules/exit-codes.md
Step 3: Portability Check (shell-review:portability-checked)
@include modules/portability.md
Step 4: Safety Patterns (shell-review:safety-patterns-verified)
@include modules/safety-patterns.md
Step 5: Evidence Log (shell-review:evidence-logged)
Use imbue:proof-of-work to record findings with file:line references.
Summarize:
- Critical issues (failures masked, security risks)
- Major issues (portability, maintainability)
- Minor issues (style, documentation)
Output Format
## Summary
Shell script review findings
## Scripts Reviewed
- [list with line counts]
## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately
## Portability Issues
[cross-platform concerns]
## Safety Issues
[unquoted variables, missing set flags]
## Recommendation
Approve / Approve with actions / Block
Exit Criteria
- Exit code propagation verified
- Portability issues documented
- Safety patterns checked
- Evidence logged
安全使用建议
This skill appears to do what it says: scan your repository's shell scripts for portability, exit-code, and safety issues. Before installing: (1) confirm what the two required config entries (night-market.pensive:shared and night-market.imbue:proof-of-work) point to and whether findings will be sent to an external service you trust; (2) ensure you are comfortable the agent can read the repo (find/rg/grep) and that no sensitive secrets are present in scripts you don't want exported; (3) have shellcheck/rg/pytest available if you want full verification; and (4) if you enable automatic invocation, review how and when evidence logging occurs so results aren't sent unexpectedly.
功能分析
Type: OpenClaw Skill
Name: nm-pensive-shell-review
Version: 1.0.0
The shell-review skill bundle is a legitimate tool designed to audit shell scripts for safety, portability, and correctness. It utilizes standard Unix utilities (find, grep, rg) and linters (shellcheck) to identify common scripting pitfalls such as masked exit codes, unquoted variables, and non-portable bashisms. The instructions in SKILL.md and its modules are educational and strictly aligned with the stated purpose of improving script quality without any evidence of malicious intent or data exfiltration.
能力评估
Purpose & Capability
Name/description claim to audit shell scripts and the SKILL.md contains only inspection and remediation guidance, grep/find detection patterns, and suggestions to run shellcheck — all directly relevant. The declared required config paths (night-market.pensive:shared and night-market.imbue:proof-of-work) map to documented evidence-logging behavior in the workflow and are plausible for a review/logging skill.
Instruction Scope
Instructions direct the agent to scan repository files (find, rg, grep) and to run checks like shellcheck and unit tests; this is appropriate for a review skill. However, the workflow explicitly instructs the use of imbue:proof-of-work to record findings (file:line references), which implies transmitting or storing review results via the configured Night Market/imbue integration — verify you trust that destination before enabling the skill.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install posture. It expects external tools (shellcheck, rg/grep, pytest) to be present but does not attempt to install anything.
Credentials
No environment variables or external credentials are requested. The only non-local requirements are two config paths (night-market.pensive:shared and night-market.imbue:proof-of-work) used for shared config and evidence logging; these are proportionate to a review-and-log workflow but warrant inspection so you know where findings will be recorded/transmitted.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent or elevated privileges. There is no indication it modifies other skills or system settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nm-pensive-shell-review - 安装完成后,直接呼叫该 Skill 的名称或使用
/nm-pensive-shell-review触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the shell-review skill: audit shell scripts for correctness, safety, and portability.
- Provides a clear workflow for mapping context, checking exit codes, assessing portability, and verifying safety patterns.
- Documents required TodoWrite items and structured output format for review findings.
- Includes guidance for usage in CI/CD, pre-commit hooks, and automation scripts, with explicit usage and exclusion criteria.
- Integrates proof-of-work evidence logging for auditability.
元数据
常见问题
Nm Pensive Shell Review 是什么?
Audit shell scripts for correctness, portability, and common pitfalls. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 78 次。
如何安装 Nm Pensive Shell Review?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nm-pensive-shell-review」即可一键安装,无需额外配置。
Nm Pensive Shell Review 是免费的吗?
是的,Nm Pensive Shell Review 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Nm Pensive Shell Review 支持哪些平台?
Nm Pensive Shell Review 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Nm Pensive Shell Review?
由 athola(@athola)开发并维护,当前版本 v1.0.0。
推荐 Skills