ggettert

Structured PR Review

Author: Grace Gettert · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 69 · Favorites: 2 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install structured-pr-review
Description
Structured PR code review with layered analysis and severity tiers. Two modes: (1) Giving reviews — walk through security, correctness, conventions, IaC, and...
Usage (SKILL.md)

Structured PR Review

Two modes: giving reviews and addressing review comments. No external dependencies — uses gh CLI only.

Giving Reviews

When asked to review or check a PR:

  1. Fetch the PR details and full diff
  2. Walk through each review layer in order (see references/review-layers.md):
    • Security — secrets, injection, auth, exposure
    • Correctness — logic errors, edge cases, error handling
    • Conventions — team standards (customize via references/conventions.md)
    • IaC — Terraform/CloudFormation checks (customize via references/iac-checklist.md)
    • Testing — coverage, new code has tests
  3. Produce a structured verdict with severity tiers

Key principles:

  • Be direct — "this approach has problems" beats "interesting choice"
  • Every issue includes what to fix, not just what's wrong
  • Acknowledge what the PR does well
  • When in doubt on severity, go one level lower

See references/review-layers.md for the full framework and verdict format.

Addressing Review Comments

When asked to address, fix, or respond to PR feedback:

  1. Fetch all review comments (inline + review-level)
  2. Fix each issue or document why not
  3. Reply to every comment — none left unacknowledged
  4. Resolve threads, update PR description, push

See references/addressing-workflow.md for the step-by-step workflow.

Key rules:

  • Never leave comments unacknowledged — reply to every one
  • Always update the PR description after making changes
  • Verify the PR is actually merged before closing linked issues

Customization

This skill ships with generic review layers. Customize for your team:

  • references/conventions.md — coding conventions, commit format, naming rules. Ships with common defaults — customize for your team.
  • references/iac-checklist.md — add your IaC-specific checks (required tags, allowed regions, provider pins). Ships with common Terraform patterns — extend for your org.

References

Works Well With

  • terraform-skill (antonbabenko) — Terraform authoring best practices, module patterns, testing strategies
  • conventional-commits — commit message format conventions (useful when addressing reviews)
  • github (built-in) — general gh CLI operations for PRs, issues, and CI runs
  • gh-issues (built-in) — automated PR monitoring and review spawning
Security usage recommendations
This skill is coherent for reviewing and addressing PRs, but it will make changes: it clones repos, edits files, commits, pushes, posts replies, and resolves threads using the gh CLI. Before installing/using: (1) ensure the environment running the agent has gh and git installed and a GitHub login configured; (2) verify the GitHub token/credentials used by gh have the minimum scopes needed (repo access only as required) and are not organization-wide admin tokens; (3) prefer using review-only (giving reviews) unless you explicitly want the agent to push fixes — test addressing-mode on a fork or test repo first; (4) if you plan to allow autonomous invocation, require an approval step before any push/merge/resolve actions; (5) audit commits/pushes created by the agent and rotate tokens if unexpected changes occur.
Functional analysis
Type: OpenClaw Skill Name: structured-pr-review Version: 0.1.0 The skill provides a structured framework for conducting and addressing GitHub Pull Request reviews using the `gh` CLI. It includes comprehensive checklists for security, correctness, and Infrastructure as Code (IaC) across files like `references/review-layers.md` and `references/iac-checklist.md`. The operations (fetching diffs, posting comments, and pushing commits) are transparently documented and align strictly with the stated purpose of PR management without any signs of malicious intent or data exfiltration.
Capability assessment
Purpose & Capability
The name/description (structured PR review, two modes) matches the instructions and reference files. All declared capabilities (fetch PR, walk review layers, reply/resolve, push fixes) are relevant to the stated purpose; there are no unrelated requirements (no unexpected cloud keys, weird binaries, or network endpoints).
Instruction Scope
The SKILL.md and references explicitly instruct the agent to clone repositories, checkout PR branches, modify files, commit, push, post replies, and resolve review threads via gh API/GraphQL. That is within the 'addressing reviews' mode, but it grants the skill permission to make and push changes to repositories and to mark threads resolved. Users should be aware that addressing mode is not read-only: it performs write operations on the target repo.
Install Mechanism
Instruction-only skill with no install spec and no bundled code. This minimizes disk-installed risk; it relies on the system-provided gh CLI and git being available.
Credentials
No environment variables are declared, but the skill implicitly requires a configured gh/git environment (authenticated gh session or git credentials) with sufficient scopes to read/clone, comment, resolve threads, and push branches. The skill does not request unrelated credentials, but users must ensure the agent's GitHub credential/token has appropriate (least-privilege) scopes before use.
Persistence & Privilege
always:false (good). The skill can perform autonomous actions (disable-model-invocation:false is normal), and those actions include pushing commits and resolving threads. If the agent is allowed to invoke skills autonomously, this write capability increases blast radius — consider requiring user confirmation before making push/resolve operations or restricting the skill to review-only for less risk.
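The approval step recommended above, before any push/merge/resolve action, can be enforced by routing the agent's gh and git calls through a gate that separates reads from writes. This is an added example, not part of the skill or of OpenClaw; the function names, the read-only allowlist and the AGENT_APPROVE_WRITES variable are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not part of the skill): approval gate for an agent's gh/git calls.
# Default-deny: anything not recognised as read-only is treated as a write.

classify_gh_api() {
  # `gh api` sends GET unless a method is given or fields are added (then POST).
  local endpoint="" method="" fields="" opaque=0 want="" a
  for a in "$@"; do
    if [ -n "$want" ]; then
      case "$want" in
        method) method="$a" ;;
        field)  fields="$fields $a"
                case "$a" in *=@*) opaque=1 ;; esac ;;  # value read from a file
      esac
      want=""; continue
    fi
    case "$a" in
      -X|--method) want=method ;;
      -f|-F|--field|--raw-field) want=field ;;
      -H|--header|-q|--jq|-t|--template) want=skip ;;
      --paginate|--slurp|-i|--include|--silent) ;;
      -*) opaque=1 ;;                     # --input, --method=..., unknown flags
      *)  if [ -z "$endpoint" ]; then endpoint="$a"; fi ;;
    esac
  done
  if [ "$opaque" -eq 1 ]; then echo write; return; fi
  if [ "$endpoint" = graphql ]; then      # thread resolution is a GraphQL mutation
    case "$fields" in *mutation*) echo write ;; *) echo read ;; esac
    return
  fi
  if [ -z "$method" ] && [ -n "$fields" ]; then method=POST; fi
  case "${method:-GET}" in GET|get) echo read ;; *) echo write ;; esac
}

classify_cmd() {
  # Read-only allowlist (an assumption to adapt); everything else is a write.
  case "$1 ${2:-} ${3:-}" in
    "gh api "*) shift 2; classify_gh_api "$@" ;;
    "gh pr view"|"gh pr diff"|"gh pr list"|"gh pr checks"|"gh auth status") echo read ;;
    "git status "*|"git log "*|"git diff "*) echo read ;;
    *) echo write ;;
  esac
}

run_guarded() {
  # Reads run directly; writes run only when a human has set AGENT_APPROVE_WRITES=1
  # (hypothetical variable name).
  if [ "$(classify_cmd "$@")" = write ] && [ "${AGENT_APPROVE_WRITES:-0}" != 1 ]; then
    echo "blocked, needs approval: $*" >&2
    return 3
  fi
  "$@"
}
```

Sourced into the agent's shell, `run_guarded gh pr diff 42` runs as usual, while `run_guarded git push` returns 3 until a human sets the variable.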
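How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install structured-pr-review
  3. Once installed, invoke the Skill by name or trigger it with /structured-pr-review
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history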
v0.1.0
Initial release — 5-layer review framework, severity tiers, addressing workflow, customizable conventions and IaC checklist
Metadata
Slug structured-pr-review
Version 0.1.0
License MIT-0
Cumulative installs 0
Current installs 0
Historical versions 1
FAQ

What is Structured PR Review?

Structured PR code review with layered analysis and severity tiers. Two modes: (1) Giving reviews — walk through security, correctness, conventions, IaC, and... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 69 total downloads so far.

How do I install Structured PR Review?

Run the command "/install structured-pr-review" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.

Is Structured PR Review free?

Yes, Structured PR Review is completely free and uses the MIT-0 license; it can be freely downloaded, installed and used.

Which platforms does Structured PR Review support?

Structured PR Review runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Structured PR Review?

Developed and maintained by Grace Gettert (@ggettert); the current version is v0.1.0.
