Security scan
OpenClaw
Suspicious
Medium confidence: The skill largely matches its stated purpose (autonomous PR review and fixes), but its instructions and script implicitly require the GitHub CLI, git, jq, and write-level GitHub credentials, none of which are declared, and it references Telegram escalation without explaining credentials. These mismatches merit caution before installing.
Assessment recommendations
Before installing:
1) Confirm that the agent environment will have gh (GitHub CLI), git, jq, and flock available; the skill does not declare these dependencies.
2) Carefully plan GitHub credentials: the skill needs an authenticated identity with push/merge rights. Grant only the minimum scopes and prefer a repo-scoped service account or installation token.
3) Decide and enforce merge policy: the script auto-merges on heuristics (score ≥ 4, or force-merge after 5 rounds or when the same score repeats). If...
⚠ Purpose and capabilities
The skill's stated purpose (autonomously reading Greptile reviews, applying fixes, pushing, re-triggering reviews, and merging) matches the SKILL.md and the included script. However, the package metadata declares no required binaries or credentials, even though the workflow and scripts clearly rely on gh (GitHub CLI), git, jq, grep/flock, and an authenticated GitHub identity capable of pushing and merging. This omission is an inconsistency that affects safety decisions.
ℹ Instruction scope
SKILL.md and the script instruct the agent to read the files and lines referenced by reviewer comments, modify code, commit, push, and auto-merge under heuristics (including force_merge after the maximum number of rounds). That behavior is within the stated purpose, but it grants broad autonomous write/merge authority and discretionary fixes. The doc also says to 'ping Master on Telegram' for escalations but provides no mechanism or declared credentials for doing so.
ℹ Install mechanism
There is no install spec (instruction-only plus a small script), which lowers the risk of arbitrary downloads. However, the required runtime tools (gh, jq, git, flock) are expected but neither declared nor installed; the skill assumes they exist on PATH.
⚠ Credential requirements
The skill implicitly requires a GitHub-authenticated environment (gh CLI auth or GITHUB_TOKEN) with push/merge rights for the target repos, but no required environment variables or primary credential are declared. It also references Telegram for escalation without declaring how to authenticate. Requesting or expecting high-privilege repo credentials without declaring them is disproportionate and should be made explicit.
ℹ Persistence and permissions
always:false (good). The skill stores review-state.json in the workspace (benign). Nevertheless, its runtime operations (commits, pushes, merges, branch deletion) require significant repository privileges; consider restricting token scopes and requiring human oversight for architectural and force-merge cases.
Security is layered: review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v1.0.0 (2026/2/13)
Autonomous Greptile PR review loop: auto-fix, auto-merge at 4/5+, round tracking, escalation for architectural decisions
● Suspicious
Install command
Official: npx clawhub@latest install pr-review-loop
Mirror (accelerated): npx clawhub@latest install pr-review-loop --registry https://cn.longxiaskill.com