Xie Code Review
Author: michealxie001 · GitHub · v1.1.0 · MIT-0
Total downloads: 90 · Favorites: 0 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install xie-code-review
Description
Automated code review assistant. Analyzes code changes, PRs, and files for quality issues, best practices, security concerns, and style violations. Provides...
Safe usage recommendations
This skill appears to be a local static analysis/code-review tool and is coherent with its description. Before using it: (1) review the full analyzer.py (the provided snippet was truncated) to verify there are no network calls, subprocesses, or eval/exec of untrusted code; (2) when adding the pre-commit hook, point to the repository-relative script path (not an arbitrary absolute path) and consider running it in CI with limited permissions; (3) run the tool locally in a sandboxed environment initially (or inspect generated reports) to confirm behavior; (4) avoid running unknown third-party tools on systems holding sensitive credentials or secrets until you’ve audited them.
Functional analysis
Type: OpenClaw Skill
Name: xie-code-review
Version: 1.1.0
The skill bundle is a legitimate automated code review tool designed to analyze Python, JavaScript, and C/C++ code for quality, style, and security issues. The core logic in `scripts/analyzer.py` uses AST parsing and regex-based heuristics to detect common vulnerabilities such as hardcoded secrets, SQL injection, and dangerous functions (e.g., `eval`, `strcpy`). The Git integration in `scripts/main.py` uses standard `subprocess` calls to identify changed files, and the `SKILL.md` instructions are strictly aligned with the tool's stated purpose without any signs of prompt injection or malicious intent.
Capability assessment
Purpose & Capability
Name/description (automated code review) align with what is included: a Python analyzer and a CLI entrypoint that parse code (AST), run style/security/complexity checks, and integrate with git/CI. The optional local c-support import matches the SKILL.md claim of C/C++ support.
Instruction Scope
SKILL.md directs the agent/user to run the included scripts against files, staged changes, commits, or diffs and to write reports locally or to CI artifacts. The instructions reference only local paths, git commands, and output files; they do not direct data to external endpoints or request secrets. The pre-commit and CI examples are standard but require the user to ensure the referenced paths are correct.
Install Mechanism
No install spec is present (instruction-only with code files). The skill includes Python scripts that run from repository paths; nothing is downloaded or written to atypical system locations during install.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The code does not read environment secrets in the visible sections. The only external integration is git via subprocess, which is appropriate for a code-review tool.
Persistence & Privilege
Flags show always: false and normal agent invocation. The skill does not request permanent presence or modify other skills or system-wide agent settings. It only provides CLI tools that the user runs.
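How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install xie-code-review
- Once installation completes, call the Skill by name or use /xie-code-review to trigger it
- Provide the required input according to the Skill's parameter description to get structured output
Version history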
v1.1.0
Added C/C++ support: code quality, style checks, unsafe functions, header guards
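FAQ
What is Xie Code Review?
Automated code review assistant. Analyzes code changes, PRs, and files for quality issues, best practices, security concerns, and style violations. Provides... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 90 total downloads so far.
How do I install Xie Code Review?
Run the command "/install xie-code-review" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is required.
Is Xie Code Review free?
Yes, Xie Code Review is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does Xie Code Review support?
Xie Code Review is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Xie Code Review?
It is developed and maintained by michealxie001 (@michealxie001); the current version is v1.1.0.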