Use when completing tasks, implementing major features, or before merging to verify work meets requirements
Security Analysis
High confidence: the skill's instructions and artifacts match its stated purpose (requesting a code review); it is an instruction-only code-review helper that reads git diffs and dispatches a review subagent and does not ask for credentials or install software.
Name and description (requesting code review) align with the SKILL.md and code-reviewer.md: both guide capturing git SHAs, producing a diff, and dispatching a code-review subagent/template. No unrelated binaries, env vars, or installs are requested.
Instructions explicitly run git commands to compute BASE_SHA/HEAD_SHA and ask the agent to dispatch superpowers:code-reviewer with the provided template. This necessarily exposes repository diffs to the subagent (expected for a review). Minor mismatch in placeholder names: SKILL.md uses {PLAN_OR_REQUIREMENTS} while code-reviewer.md references {PLAN_REFERENCE} — this could lead to missing plan text if not filled consistently.
No install spec and no code files that execute on disk; instruction-only skill means nothing is written or downloaded during install.
Skill requests no environment variables, credentials, or config paths; the requested access (git repo/diff) is proportionate to a code-review task.
always is set to false; default autonomous invocation is allowed (normal). The skill does not request system-wide changes or modify other skills; no elevated persistence or privileges are requested.
Guidance
This skill is coherent for requesting automated human/agent code reviews: it runs git commands to produce diffs and sends those diffs and your provided plan/description to a review subagent. Before using it, confirm you trust the target reviewer/subagent (code diffs will be exposed to it), fix the placeholder name mismatch ({PLAN_OR_REQUIREMENTS} vs {PLAN_REFERENCE}) so plans are included, and ensure you run the commands in the intended repository/branch (SHA selection matters). If you have sensitive or proprietary code, verify where review outputs go and that the subagent won't forward code to external services you don't control.
Latest Release
v0.1.0
Initial release: Request code review
Published by @zlc000190 on ClawHub