Review Agent
Author: YinghaoJia · v2.1.2 · MIT-0
Total downloads: 111 · Favorites: 0 · Current installs: 0 · Versions: 5
Install in OpenClaw:
/install review-agent
Description
Pre-meeting review coach for Lark/Feishu (or WeCom). Invoked when a Requester DMs their dedicated review-agent subagent with a draft, proposal, plan, or 1:1...
Security recommendations
Key things to check before installing or running this skill:
- Do not run install/update/patch scripts (install.sh / update.sh / feishu_seed_workspace_patch.py) on production systems until reviewed. These scripts clone code from a third‑party GitHub repo and apply a core patch to OpenClaw; review every line in those scripts and the patch file in a trusted environment.
- Verify the upstream repository and the publisher identity. Confirm the GitHub repo (https://github.com/jimmyag2026-prog/review-agent-skill) is trustworthy and inspect commit history, recent changes, and install scripts for unexpected network calls or arbitrary command execution.
- Audit scripts for network endpoints and secrets handling. Search the code for any hardcoded URLs, remote upload routines, or uses of open network sockets (e.g., dashboard-server.py), and confirm they point only to expected hosts.
- Check for undeclared credential needs. The skill will need Lark/Feishu app scopes and OpenClaw gateway credentials to function; do not supply broad platform tokens blindly. Prefer scoped service accounts and rotate tokens after testing.
- Sandbox first. Install and run the skill in an isolated test environment (VM/container) with no access to production secrets or tenant tokens, and simulate a minimal session to observe behavior, file writes, and outbound connections.
- Review persona/profile files and templates. Since persona files are injected into LLM system prompts, inspect agent_persona.md, boss_profile.md and other templates for any instructions that could force the model to leak data or override system-level safeguards.
- Disable automatic updates until you trust the source. Do not enable any auto-update behavior; prefer to pull updates manually after review.
- If you must proceed in production, minimize scope: restrict Lark/Feishu app scopes to the least privilege needed, do not apply the core patch until reviewed, and backup OpenClaw core before applying any modifications.
Functional analysis
Type: OpenClaw Skill
Name: review-agent
Version: 2.1.2
The skill bundle implements a complex 'Review Agent' with significant system-level interactions. While the logic appears aligned with its stated purpose, it exhibits high-risk behaviors including the use of subprocesses to execute external binaries (pdftotext, tesseract, whisper) on user-provided files in 'ingest.py', and it requires an invasive 'source patch' to the OpenClaw core platform (modifying node_modules) as described in 'POST_INSTALL.md'. Additionally, it handles sensitive API keys across multiple legacy and current configuration paths and performs automated network requests to GitHub and OpenRouter. These capabilities, particularly the platform patching, represent a significant security risk and high attack surface, though no clear evidence of intentional malice was found.
Capability assessment
Purpose & Capability
The described functionality (per-peer review subagents, file-based sessions, Python scripts) aligns with the 'review coach' claim. However the SKILL and POST_INSTALL ask the admin to patch the OpenClaw core (feishu_seed_workspace_patch.py) and to grant Lark/Feishu app scopes — capabilities that are not declared in the registry metadata (no required env vars). Requesting a platform core patch is a heavy, privileged action that should be justified and audited.
Instruction Scope
Runtime instructions read and write many local files under ~/.openclaw and per-session folders; they also load persona/profile documents into LLM system prompts. The SKILL.md explicitly instructs running multiple scripts that will read boss_profile.md, review_rules.md, sessions/* files, and may access gateway/token config via openclaw. Admin docs instruct running external install/update scripts and applying a core patch. The skill's instructions therefore go beyond lightweight in‑agent behavior and include system-level modifications and network fetches: scope creep from a simple ‘review/coach’ capability.
Install Mechanism
The registry lists no formal install spec, but POST_INSTALL and README instruct admins to git clone a GitHub repo and run install.sh/update.sh which fetch code and apply a core patch. update.sh and install.sh will pull remote code (github.com/jimmyag2026-prog/...), and a supplied patch modifies openclaw core files. Fetching and running remote install/patch scripts is higher risk and should be audited before execution.
Credentials
The metadata claims no required env vars, but documentation and delivery/backends clearly expect platform credentials and tools: OpenClaw feishu gateway config (tenant access tokens), Lark/Feishu app scopes, optional send_mail/Gmail SMTP, and optional ~/bin/lark_send or ~/bin/send_mail helpers. Those credentials are functionally necessary for the skill to reach Responder/Requester or to push docs yet are not declared in requires.env. This mismatch is an incoherence and increases risk of unexpected access to sensitive tokens.
Persistence & Privilege
The skill asks admins to apply a persistent patch to the openclaw core to alter workspace seeding behavior and includes update/uninstall scripts that can change system state. While 'always: false', the core patch and admin helpers give the skill global effect on the platform (modifying how dynamic agent creation seeds personas). That is a substantial privilege and should not be applied without review; it also increases blast radius if the skill is later updated from upstream.
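How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install review-agent
- After installation, invoke the Skill by name or trigger it with /review-agent
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history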
v2.1.2
v2.1.2 HOTFIX: monitor-*.js auto-discovery (was hardcoded macOS path — broke on Linux VPS). workspaceTemplate now absolute path with {agentId} placeholder (was: literal tilde that didn't expand in all openclaw runtime contexts). Patchers auto-recover from v2.0-v2.1.1 broken configs on re-run. See CHANGELOG.
v2.1.1
v2.1.1 HOTFIX: patch_openclaw_json.py was writing wrong feishu keys (dynamicAgents/dm/workspaceTemplate — these are wecom-plugin keys). Feishu schema rejected them -> gateway refused to start on every v2.0-v2.1.0 install. Fixed to use correct feishu-native channels.feishu.dynamicAgentCreation. Auto-cleans legacy bad keys on re-run so broken installs recover.
v2.1.0
v2.1.0: live-testing fixes + top-5 findings + attachment-first. 7 bugs resolved from first real Lark test. Q&A loop now defaults to top 5 most important findings (reply 'more' for deferred, 'done' to close). Attachment-first flow asks for material before review if none provided. Channel compat clarified: feishu+wecom only for per-peer subagent. Includes POST_INSTALL.md with Admin quickstart.
v2.0.2
v2.0.2: cosmetic fix — publish under clean display name 'Review Agent' (previous v2.0.1 had folder-derived name). Functional content unchanged.
v2.0.1
v2.0.1: initial ClawHub release. Pre-meeting review coach for Lark with per-peer subagent isolation via openclaw dynamicAgents. Four-pillar framework (Background/Materials/Framework/Intent) + Responder simulation + Q&A loop + 6-section decision brief. Includes uninstall.sh + update.sh.
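FAQ
What is Review Agent?
Pre-meeting review coach for Lark/Feishu (or WeCom). Invoked when a Requester DMs their dedicated review-agent subagent with a draft, proposal, plan, or 1:1... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 111 total downloads so far.
How do I install Review Agent?
Run the command "/install review-agent" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Review Agent free?
Yes, Review Agent is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.
Which platforms does Review Agent support?
Review Agent is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (darwin, linux).
Who developed Review Agent?
It is developed and maintained by YinghaoJia (@yinghaojia); the current version is v2.1.2.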