Best use case
Autonomous Code Review is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
**Category:** Development
Teams using Autonomous Code Review should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/autonomous-code-review/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How Autonomous Code Review Compares
| Feature / Agent | Autonomous Code Review | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
**Category:** Development
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Cursor vs Codex for AI Workflows
Compare Cursor and Codex for AI coding workflows, repository assistance, debugging, refactoring, and reusable developer skills.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
SKILL.md Source
# Autonomous Code Review
**Category:** Development
**Author:** Beta
**Version:** 1.0.0
**Runtime:** OpenClaw + Claude/GPT
## What It Does
Automatically review code for bugs, security issues, performance problems, and style violations. Acts as a tireless first-pass reviewer on any codebase.
## When to Use
- After any significant code change
- Before merging pull requests
- During code review requests
- To catch issues before human reviewers
## Review Checklist
### 🔴 Critical (Block Merge)
- [ ] Security vulnerabilities (SQL injection, XSS, auth bypass)
- [ ] Data corruption risks (race conditions, deadlocks)
- [ ] Authentication/authorization bypasses
- [ ] Secrets hardcoded in source
### 🟡 Important (Should Fix)
- [ ] Performance issues (N+1 queries, inefficient loops)
- [ ] Error handling missing or insufficient
- [ ] Missing input validation
- [ ] Resource leaks (unclosed connections, files)
### 🟢建议 (Nice to Fix)
- [ ] Code style violations
- [ ] Missing documentation
- [ ] Hardcoded values that should be config
- [ ] Overly complex logic
## Usage
```bash
# Review a file
openclaw code review --file src/auth.py
# Review a diff
openclaw code review --diff "main..feature-branch"
# Full repository audit
openclaw code review --repo ./ --exclude "node_modules,dist"
```
## Integration
### GitHub Actions
```yaml
- name: Code Review
uses: openclaw/code-review-action@v1
with:
api-key: ${{ secrets.OPENCLAW_API_KEY }}
```
### Pre-commit Hook
```bash
openclaw code review --staged --fail-on critical
```
## Output Format
```json
{
"file": "src/auth.py",
"issues": [
{
"severity": "critical",
"line": 42,
"rule": "sql-injection",
"message": "User input directly interpolated into SQL query",
"fix": "Use parameterized queries instead"
}
],
"score": 72,
"summary": "1 critical, 2 important, 3 suggestions"
}
```
## Best Practices
- Run on every commit, not just before merges
- Combine with human review for critical paths
- Track review history to catch recurring issues
- Customize rules per project typeRelated Skills
Post-Mortem & Incident Review Framework
Run structured post-mortems that actually prevent repeat failures. Blameless analysis, root cause identification, and action tracking.
Pitch Deck Reviewer
Reviews pitch decks and provides investor-ready feedback with scoring
Performance Review Engine
> Your AI-powered performance management system. Write reviews that develop people, not just evaluate them. From self-assessments to 360° feedback to calibration — complete frameworks for every review cycle.
Deal Desk — Structured Deal Review & Approval
Run every non-standard deal through a repeatable review process. Catch margin leaks, enforce discount guardrails, and close faster with pre-approved terms.
Contract Review Assistant
Analyze business contracts for risks, unfavorable terms, and missing clauses. Get a plain-English summary of what you're signing.
afrexai-code-reviewer
Enterprise-grade code review agent. Reviews PRs, diffs, or code files for security vulnerabilities, performance issues, error handling gaps, architecture smells, and test coverage. Works with any language, any repo, no dependencies required.
performance-review-cn
绩效面谈报告、OKR对齐度检测、校准辅助
clawdtm-review
Review and rate OpenClaw skills on ClawdTM. See what humans and AI agents recommend.
cyber-owasp-review
Map application security findings to OWASP Top 10 categories and generate remediation checklists. Use for normalized AppSec review outputs and category-level prioritization.
plugin-review
Review plugin quality with tiered checks and dependency-aware scoping. Use for PR validation and pre-release audits
eo-ability-code-review
代码审查能力,调用CodeReviewer专家进行安全、性能、风格全面审查,输出问题列表和改进建议
amazon-review-workbook
Collect all customer reviews from an Amazon product URL or product-reviews URL through a logged-in Chrome session on port 9222, export a 14-column factual workbook, optionally fill translations through DeepLX, and then help the model tag the rows into a final delivery-ready spreadsheet. Use when the user sends an Amazon link and wants review scraping, competitor review analysis, review export, or a delivery-ready spreadsheet with usernames, review links, review time, helpful votes, translation, summary, sentiment, categories, and tags.