← 返回 Skills 市场
PR Review
作者
Misha Kolesnik
· GitHub ↗
· v0.2.1
· MIT-0
121
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install review-github-pr
功能描述
GitHub PR code review - fetches the diff, runs automated checks, launches 3 parallel review agents (correctness, convention compliance, efficiency) to analyz...
安全使用建议
This skill's behavior (cloning/checking out PRs, running local validation, launching three parallel model-based review agents, and preparing GitHub reviews) is reasonable for a PR-reviewer, but the packaging is inconsistent. Before installing or running: (1) verify you have the GitHub 'gh' CLI and git on PATH and that 'gh' is authenticated (it will need permission to read the repo and, if you post reviews, to write), (2) confirm whether your platform allows the skill to invoke models — the SKILL.md expects sub-agents but the skill metadata sets disable-model-invocation: true, so ask the publisher to clarify/fix this, (3) treat evaluation fixture scripts as test-only — they create a mock 'gh' but are not a runtime install; don't run untrusted setup scripts unless you inspect them, (4) test the skill in a sandboxed environment (non-production account) to confirm actual behavior and that it will not auto-post reviews, and (5) ask the publisher to update metadata to declare required binaries and any needed environment variables (e.g., GITHUB_TOKEN or GH auth) and to remove the contradictory disable-model-invocation flag. If the publisher cannot explain or fix these mismatches, avoid granting the skill access to real repositories or credentials.
功能分析
Type: OpenClaw Skill
Name: review-github-pr
Version: 0.2.1
The skill automates GitHub PR reviews by cloning repositories and executing commands defined in a 'CLAUDE.md' file. A significant security vulnerability exists in the execution flow described in SKILL.md: the agent checks out the PR branch before Phase 1 (Automated Checks), which allows a malicious PR to modify the CLAUDE.md file and achieve Remote Code Execution (RCE) by specifying arbitrary shell commands. While the instructions include explicit security warnings and use delimiters to handle untrusted PR content, the logic of executing project-defined scripts from an unverified branch poses a high risk of exploitation.
能力标签
能力评估
Purpose & Capability
The SKILL.md implements a GitHub PR review flow that expects a local git repo, the GitHub 'gh' CLI, and the ability to post reviews. However, the declared requirements list no binaries, no config paths, and no primary credential. At minimum 'gh' (and git) and user authentication for GitHub are required for the described behavior. The presence of evaluation fixtures that create a mock gh CLI suggests tests assume the operator will add a mock to PATH — but that is not the same as the skill declaring its real runtime dependencies.
Instruction Scope
The instructions instruct the agent to clone/check out PRs, run local validation commands (from CLAUDE.md), read every changed file, and launch three parallel review sub-agents with model: 'opus' while wrapping PR content as untrusted. Those operations are in-scope for a PR reviewer, but the SKILL.md also requires model-based sub-agent invocation while the skill metadata sets disable-model-invocation: true (contradiction). The skill reads repository files and may clone into /tmp; it explicitly forbids executing arbitrary commands found in PR content, which is good, but the mismatch between declared capabilities and the runtime instructions is a practical problem.
Install Mechanism
There is no install specification (instruction-only), which minimizes automatic disk writes. The package does include evaluation fixture scripts and mock 'gh' creation scripts used for local testing; these are test artifacts that a user would need to run manually to reproduce evals. No external downloads or installers are embedded in the skill.
Credentials
The skill will interact with GitHub via the 'gh' CLI and may need to post reviews, but it declares no required environment variables (no GITHUB_TOKEN/GH_TOKEN). That omission is disproportionate: either the operator must already have GH auth configured for 'gh', or the skill should declare and request credentials. The SKILL.md's requirement that reviews be posted only after explicit user confirmation mitigates auto-post risk, but the credential omission remains an inconsistency.
Persistence & Privilege
The skill does not request persistent 'always' privileges (always: false), which is appropriate. However, the metadata sets disable-model-invocation: true while the instructions explicitly rely on launching multiple model-driven sub-agents (Agent tool with model: 'opus'). This mismatch affects whether the skill can perform its stated behavior and is a governance/privilege inconsistency that should be resolved before trusting the skill.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install review-github-pr - 安装完成后,直接呼叫该 Skill 的名称或使用
/review-github-pr触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.1
Updated review-github-pr from 0.2.0 to 0.2.1.
Changes:
- modified `SKILL.md`
v0.2.0
Initial publish of review-github-pr 0.2.0.
Changes:
- added `LICENSE.txt`
- added `SKILL.md`
- added `evals/evals.json`
- added `evals/fixtures/clean/setup.sh`
- added `evals/fixtures/correctness-convention/setup.sh`
- added `evals/fixtures/efficiency-design/setup.sh`
元数据
常见问题
PR Review 是什么?
GitHub PR code review - fetches the diff, runs automated checks, launches 3 parallel review agents (correctness, convention compliance, efficiency) to analyz... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 121 次。
如何安装 PR Review?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install review-github-pr」即可一键安装,无需额外配置。
PR Review 是免费的吗?
是的,PR Review 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
PR Review 支持哪些平台?
PR Review 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 PR Review?
由 Misha Kolesnik(@tenequm)开发并维护,当前版本 v0.2.1。
推荐 Skills