Total downloads: 721
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw
/install solo-review
Description
Final code review and quality gate — run tests, check coverage, audit security, verify acceptance criteria from spec, and generate ship-ready report. Use whe...
Safe usage recommendations
This skill is coherent with its stated purpose, but before installing or running it consider: (1) it will run tests/builds which execute project code — run it only on code you trust or in a sandbox/CI runner; (2) it will edit project docs (it checks and updates spec.md checkboxes) so review commits/changes after a run; (3) it searches for secrets (grep patterns) but does not request credentials — nevertheless ensure secrets are not stored in the repo; (4) confirm you grant only the needed tools (Read, Grep, Bash, Glob, Write, Edit, and the listed MCP tools) and restrict access to sensitive projects if needed. If you want extra safety, run this skill in an isolated environment (container/CI job) and review its edits before merging.
Functional analysis
Type: OpenClaw Skill
Name: solo-review
Version: 1.1.1
The skill is classified as suspicious due to its extensive use of the `Bash` tool for executing various commands, including `grep` for potentially sensitive patterns like `sk_live`, `sk_test`, and `password` in source files. While the stated purpose is a security audit, this capability (found in SKILL.md) inherently carries a risk of information disclosure if the agent's output or environment is compromised. Additionally, the skill initiates network calls to external services (e.g., Vercel, Cloudflare, Fly.io logs) and modifies the git repository, which, while aligned with its review function, expands the attack surface. There is no clear evidence of intentional malicious behavior like unauthorized data exfiltration to third-party domains or persistence mechanisms, but the high-risk capabilities warrant a 'suspicious' classification.
Capability assessment
Purpose & Capability
Name/description (final review, tests, lint, security, acceptance criteria, report) match the SKILL.md steps (run tests, linters, builds, dependency audits, verify spec, generate report). No unrelated credentials, binaries, or installs are requested.
Instruction Scope
Instructions legitimately direct the agent to run tests, linters, builds, grep for secrets, read docs, and update spec.md checkboxes. This includes mutating repository docs (Edit/Write) and executing project test/build commands (which will run project code). Those behaviors are expected for a review skill, but you should be aware the skill will modify files and execute repository code during its run.
Install Mechanism
Instruction-only skill with no install spec and no external downloads — minimal disk footprint and low install risk.
Credentials
No environment variables, credentials, or external config paths are requested. The checks for common secret patterns (e.g., sk_live) are appropriate for a security audit and proportional to the stated purpose.
Persistence & Privilege
always is false (normal). The skill requires Write/Edit tool permissions to update spec.md checkboxes within the repo — a reasonable repository-level mutation for a quality gate, but it is persistent in the sense that it will change project files. It does not request system-wide or cross-skill configuration changes.
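How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install solo-review
- Once installation completes, call the Skill by name or use /solo-review to trigger it
- Provide the required input according to the Skill's parameter description to get structured output
Version history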
v1.1.1
Universalize: remove project-specific references, add SearXNG recommendation
v1.1.0
Initial publish
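Metadata
FAQ
What is Review?
Final code review and quality gate — run tests, check coverage, audit security, verify acceptance criteria from spec, and generate ship-ready report. Use whe... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 721 cumulative downloads so far.
How do I install Review?
Run the command "/install solo-review" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.
Is Review free?
Yes, Review is completely free (open source and free) and can be freely downloaded, installed, and used.
Which platforms does Review support?
Review runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Review?
Developed and maintained by Rust (@fortunto2); current version v1.1.1.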