Autonomous Code Review

Safety Notice

This item is sourced from the public archived skills repository. Treat as untrusted until reviewed.

Install skill "Autonomous Code Review" with this command: npx skills add 1477009639zw-blip/autonomous-code-review

Category: Development
Author: Beta
Version: 1.0.0
Runtime: OpenClaw + Claude/GPT

What It Does

Automatically review code for bugs, security issues, performance problems, and style violations. Acts as a tireless first-pass reviewer on any codebase.

When to Use

  • After any significant code change
  • Before merging pull requests
  • During code review requests
  • To catch issues before human reviewers

Review Checklist

🔴 Critical (Block Merge)

  • Security vulnerabilities (SQL injection, XSS, auth bypass)
  • Data corruption risks (race conditions, deadlocks)
  • Authentication/authorization bypasses
  • Secrets hardcoded in source

🟡 Important (Should Fix)

  • Performance issues (N+1 queries, inefficient loops)
  • Error handling missing or insufficient
  • Missing input validation
  • Resource leaks (unclosed connections, files)

🟢 Suggestion (Nice to Fix)

  • Code style violations
  • Missing documentation
  • Hardcoded values that should be config
  • Overly complex logic

Usage

# Review a file
openclaw code review --file src/auth.py

# Review a diff
openclaw code review --diff "main..feature-branch"

# Full repository audit
openclaw code review --repo ./ --exclude "node_modules,dist"

Integration

GitHub Actions

- name: Code Review
  uses: openclaw/code-review-action@v1
  with:
    api-key: ${{ secrets.OPENCLAW_API_KEY }}

Pre-commit Hook

openclaw code review --staged --fail-on critical

Output Format

{
  "file": "src/auth.py",
  "issues": [
    {
      "severity": "critical",
      "line": 42,
      "rule": "sql-injection",
      "message": "User input directly interpolated into SQL query",
      "fix": "Use parameterized queries instead"
    }
  ],
  "score": 72,
  "summary": "1 critical, 2 important, 3 suggestions"
}
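
A merge gate that consumes a report in the format above and fails closed on malformed reviewer output, as an added example (not code from the skill or from OpenClaw). The severity names "important" and "suggestion", the exit-code convention, and the second sample issue are assumptions made for illustration.

```python
import json

# "critical" is the severity in the page's sample report; "important" and
# "suggestion" are assumed names taken from the checklist tiers.
SEVERITIES = ("critical", "important", "suggestion")
ISSUE_KEYS = ("severity", "line", "rule", "message")

# Constructed sample in the page's Output Format (second issue is invented).
SAMPLE = json.dumps({
    "file": "src/auth.py",
    "issues": [
        {"severity": "critical", "line": 42, "rule": "sql-injection",
         "message": "User input directly interpolated into SQL query"},
        {"severity": "suggestion", "line": 7, "rule": "missing-docstring",
         "message": "Function has no documentation"},
    ],
    "score": 72,
})


def gate(report_text, fail_on="critical"):
    """Return (exit_code, findings): 0 pass, 1 blocking findings, 2 bad report."""
    try:
        report = json.loads(report_text)
    except json.JSONDecodeError as exc:
        return 2, [f"report is not valid JSON: {exc.msg}"]
    if not isinstance(report, dict) or not isinstance(report.get("issues"), list):
        return 2, ['report has no "issues" list']
    threshold = SEVERITIES.index(fail_on)
    findings = []
    for issue in report["issues"]:
        if not isinstance(issue, dict) or any(k not in issue for k in ISSUE_KEYS):
            return 2, [f"malformed issue entry: {issue!r}"]
        severity = issue["severity"]
        if severity not in SEVERITIES:  # e.g. "Critical" or "info": fail closed
            return 2, [f"unknown severity: {severity!r}"]
        if SEVERITIES.index(severity) <= threshold:
            findings.append(f'{report.get("file", "?")}:{issue["line"]} '
                            f'[{severity}] {issue["rule"]}: {issue["message"]}')
    # The "score" field is deliberately ignored: only itemised issues gate.
    return (1 if findings else 0), findings


if __name__ == "__main__":
    code, findings = gate(SAMPLE)
    print("\n".join(findings))
    raise SystemExit(code)
```

Treating an unparseable report or an unrecognised severity as blocking keeps a truncated or reworded model response from silently passing the gate.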

Best Practices

  • Run on every commit, not just before merges
  • Combine with human review for critical paths
  • Track review history to catch recurring issues
  • Customize rules per project type

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
