Security scan
OpenClaw
Security
High confidence
Assessment recommendation
This skill appears coherent and focused on GitCode PR review workflows, but before installing or running it: (1) review the included script text yourself to confirm it behaves as stated (it uses the GitCode API and standard-library Python only); (2) only provide a GitCode token with the minimal scope needed and avoid pasting tokens into chat messages — prefer setting GITCODE_TOKEN in the environment or passing --token at runtime; (3) be aware the SKILL.md directs the agent to edit files in your ...
✓ Purpose and capabilities
Name/description, required env var (GITCODE_TOKEN), SKILL.md, README, and included script all target GitCode PR review workflows (fetching unresolved diff comments, optionally replying and marking discussions resolved). The resources requested (a GitCode token) are appropriate for that purpose.
✓ Instruction scope
SKILL.md prescribes a strict flow: fetch context JSON, present items to the user, await explicit scope confirmation, then (if confirmed) apply local code changes and optionally reply/resolve on GitCode. The provided script implements the fetch/reply/resolve API interactions; the SKILL.md intentionally places code edits under the agent/user control rather than as an automated 'apply' subcommand. The instructions explicitly forbid sending replies or resolving remote discussions without user confirmation.
✓ Install mechanism
No install spec or external downloads; the skill is instruction-only with a Python script that uses only the standard library. This is a low-risk delivery model (nothing written to disk by an installer).
✓ Credential requirements
Only GITCODE_TOKEN is required (declared as primaryEnv). The script reads the token from the environment or a CLI flag. On Windows it includes a fallback to query system/user environment variables via a PowerShell call, which is intended to locate GITCODE_TOKEN but is the only additional system access; no other credentials or unrelated env variables are requested.
✓ Persistence and permissions
The skill does not request permanent/always-inclusion (always:false), does not modify other skills or system configuration, and has no install step that persists components beyond the script files. Autonomous invocation is allowed by default but is not combined with other red flags here.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v1.0.0 (2026/3/28)
● Harmless
Install command
Official: npx clawhub@latest install pr-comment-fix
Mirror (accelerated): npx clawhub@latest install pr-comment-fix --registry https://cn.longxiaskill.com