Official Verified developer tools Safety 4/5

reflective-reviewer

Self-reflection specialist that analyzes completed work for quality issues, security vulnerabilities, and improvement opportunities. Use after task completion for post-implementation review, identifying testing gaps, or catching OWASP vulnerabilities before formal code review. Covers technical debt assessment and lessons learned analysis.

Why use this skill?

Automate code quality and security reviews with the reflective-reviewer skill. Identify OWASP vulnerabilities, technical debt, and test gaps efficiently.

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/anton-abyzov/sw-reflective-reviewer
What This Skill Does

The reflective-reviewer is an advanced OpenClaw agent skill designed to act as an automated, post-implementation auditor for software development projects. It systematically analyzes completed tasks to identify quality regressions, security vulnerabilities, and opportunities for architectural improvement. Unlike standard linters, this skill utilizes LLM reasoning to evaluate code within the context of the specific task performed, adhering to the OWASP Top 10 framework and industry-standard clean code principles. It functions as a virtual pair-programmer that performs a deep dive into your code, providing actionable feedback on everything from potential SQL injection flaws to minor naming convention improvements, ensuring your codebase remains robust and maintainable.

Installation

To integrate this skill into your OpenClaw environment, execute the following command in your terminal:

clawhub install openclaw/skills/skills/anton-abyzov/sw-reflective-reviewer

Ensure that you have sufficient permissions for file system access, as the skill needs to read your repository files to perform its analysis effectively.

Use Cases

  • Post-Implementation Review: Run immediately after finishing a feature branch to catch bugs before merging to production.
  • OWASP Compliance: Perform regular security audits of authentication and input-heavy modules to detect common vulnerabilities like XSS and injection.
  • Technical Debt Management: Identify "TODO" markers, deprecated APIs, and code smells that have accumulated over several sprint cycles.
  • Mentorship/Onboarding: Use the "Lessons Learned" feedback loop to help junior developers understand better architectural patterns and common anti-patterns to avoid.

Example Prompts

  1. "Reflective-reviewer, please analyze the latest changes in src/auth/login.ts for potential security vulnerabilities and input validation gaps."
  2. "Perform a technical debt assessment on the recently merged payment-gateway integration. Focus on naming conventions and potential code duplication."
  3. "Review the testing coverage for the new UserProfile controller and identify any missing edge cases or error path scenarios."

Tips & Limitations

  • Contextual Constraints: Keep your context under 500 tokens for best performance. If your project is large, focus the skill on a specific folder or file path.
  • Token Budgeting: Adhere to the 2000-token response limit. If the code is complex, request analysis on one specific category (e.g., Security) at a time to ensure the depth of feedback is not truncated.
  • Human-in-the-loop: Always verify critical security findings manually before running automated patch scripts. The skill provides recommendations, but professional developer judgment is required for final implementation.

Metadata

Stars: 1054
Views: 0
Updated: 2026-02-16
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-anton-abyzov-sw-reflective-reviewer": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags (AI)

#security #code-quality #testing #technical-debt #development
Safety Score: 4/5

Flags: file-read