code-review
Systematic code review patterns covering security, performance, maintainability, correctness, and testing — with severity levels, structured feedback guidance, review process, and anti-patterns to avoid. Use when reviewing PRs, establishing review standards, or improving review quality.
Why use this skill?
Enhance your development workflow with the OpenClaw code-review skill. Get automated, systematic feedback on security, performance, and maintainability.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/wpank/code-reviewWhat This Skill Does
The code-review skill for OpenClaw is a rigorous, multi-dimensional framework designed to standardize the evaluation of software pull requests. Instead of relying on ad-hoc or subjective feedback, this tool enforces a systematic methodology covering seven core dimensions: Security, Performance, Correctness, Maintainability, Testing, Accessibility, and Documentation. By automating the application of high-level engineering best practices, it ensures that your codebase remains robust, secure, and maintainable. It acts as a force multiplier for engineering teams, identifying common anti-patterns and critical vulnerabilities before they reach production.
Installation
To integrate this skill into your environment, use the OpenClaw package manager:
npx clawhub@latest install code-review
Alternatively, you can utilize the source repository directly via clawhub install openclaw/skills/skills/wpank/code-review.
Use Cases
- Automated PR Reviews: Use the skill to generate initial feedback on incoming pull requests before human intervention, reducing the time reviewers spend catching low-hanging fruit.
- Technical Audits: Run this against legacy modules to identify security gaps and performance bottlenecks that may have been missed during initial development.
- Onboarding and Standardization: Use the provided checklists to establish a unified culture of code quality within your engineering team, ensuring every developer is evaluated against the same high standards.
- CI/CD Integration: Incorporate the skill into your pre-merge pipelines to automatically gate code changes that do not meet security or test coverage thresholds.
Example Prompts
- "@openclaw code-review analyze the last three commits in this branch, focusing specifically on SQL injection risks and authentication checks."
- "@openclaw code-review evaluate this function for performance bottlenecks and suggest refactoring strategies to improve time complexity."
- "@openclaw code-review act as a senior lead engineer and provide a constructive summary of this PR, highlighting areas that need improved test coverage and cleaner naming conventions."
Tips & Limitations
- Context is King: The skill is most effective when provided with the full context of the PR. If possible, paste the relevant diffs or link to the documentation describing the business logic.
- Human Oversight: While highly efficient at spotting structural flaws, the skill should be used as an assistant. Always perform a final human review for business-specific logic that automated tools cannot infer.
- False Positives: In complex or highly custom codebases, the tool may occasionally flag patterns that are intentional. Treat suggestions as high-quality guidance rather than absolute constraints.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-wpank-code-review": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Related Skills
mermaid-diagrams
Create software diagrams using Mermaid syntax. Use when users need to create, visualize, or document software through diagrams including class diagrams, sequence diagrams, flowcharts, ERDs, C4 architecture diagrams, state diagrams, git graphs, and other diagram types. Triggers include requests to diagram, visualize, model, map out, or show the flow of a system.
api-design-principles
Skill by wpank
auto-context
Automatically read relevant context before major actions. Loads TODO.md, roadmap.md, handoffs, task plans, and other project context files so the AI operates with full situational awareness. Use when starting a task, implementing a feature, refactoring, debugging, planning, or resuming a session.
clear-writing
Write clear, concise prose for humans — documentation, READMEs, API docs, commit messages, error messages, UI text, reports, and explanations. Combines Strunk's rules for clearer prose with technical documentation patterns, structure templates, and review checklists.
track-performance
Track the performance of Uniswap LP positions over time — check which positions need attention, are out of range, or have uncollected fees. Use when the user asks how their positions are doing.