home / skills / openclaw / openclaw / review-pr

review-pr skill

This skill analyzes a given pull request in a read-only, deterministic way and produces structured review outputs for handoff.

npx playbooks add skill openclaw/openclaw --skill review-pr

Review the files below or copy the command above to add this skill to your agents.

Files (2)

SKILL.md

2.7 KB

---
name: review-pr
description: Script-first review-only GitHub pull request analysis. Use for deterministic PR review with structured findings handoff to /prepare-pr.
---

# Review PR

## Overview

Perform a read-only review and produce both human and machine-readable outputs.

## Inputs

- Ask for PR number or URL.
- If missing, always ask.

## Safety

- Never push, merge, or modify code intended to keep.
- Work only in `.worktrees/pr-<PR>`.
- Wrapper commands are cwd-agnostic; you can run them from repo root or inside the PR worktree.

## Execution Contract

1. Run wrapper setup:

```sh
scripts/pr-review <PR>
```

2. Use explicit branch mode switches:

- Main baseline mode: `scripts/pr review-checkout-main <PR>`
- PR-head mode: `scripts/pr review-checkout-pr <PR>`

3. Before writing review outputs, run branch guard:

```sh
scripts/pr review-guard <PR>
```

4. Write both outputs:

- `.local/review.md` with sections A through J.
- `.local/review.json` with structured findings.

5. Validate artifacts semantically:

```sh
scripts/pr review-validate-artifacts <PR>
```

## Steps

1. Setup and metadata

```sh
scripts/pr-review <PR>
ls -la .local/pr-meta.json .local/pr-meta.env .local/review-context.env .local/review-mode.env
```

2. Existing implementation check on main

```sh
scripts/pr review-checkout-main <PR>
rg -n "<keyword>" -S src extensions apps || true
git log --oneline --all --grep "<keyword>" | head -20
```

3. Claim PR

```sh
gh_user=$(gh api user --jq .login)
gh pr edit <PR> --add-assignee "$gh_user" || echo "Could not assign reviewer, continuing"
```

4. Read PR description and diff

```sh
scripts/pr review-checkout-pr <PR>
gh pr diff <PR>

source .local/review-context.env
git diff --stat "$MERGE_BASE"..pr-<PR>
git diff "$MERGE_BASE"..pr-<PR>
```

5. Optional local tests

Use the wrapper for target validation and executed-test verification:

```sh
scripts/pr review-tests <PR> <test-file> [<test-file> ...]
```

6. Initialize review artifact templates

```sh
scripts/pr review-artifacts-init <PR>
```

7. Produce review outputs

- Fill `.local/review.md` sections A through J.
- Fill `.local/review.json`.

Minimum JSON shape:

```json
{
  "recommendation": "READY FOR /prepare-pr",
  "findings": [
    {
      "id": "F1",
      "severity": "IMPORTANT",
      "title": "...",
      "area": "path/or/component",
      "fix": "Actionable fix"
    }
  ],
  "tests": {
    "ran": [],
    "gaps": [],
    "result": "pass"
  },
  "docs": "up_to_date|missing|not_applicable",
  "changelog": "required"
}
```

8. Guard + validate before final output

```sh
scripts/pr review-guard <PR>
scripts/pr review-validate-artifacts <PR>
```

## Guardrails

- Keep review read-only.
- Do not delete worktree.
- Use merge-base scoped diff for local context to avoid stale branch drift.

Overview

This skill performs a script-first, read-only review of a GitHub pull request and produces both human- and machine-readable outputs for deterministic handoff to /prepare-pr. It enforces a strict execution contract, worktree isolation, and artifact validation to ensure reviews are reproducible and automatable. Use it to generate a structured review summary (.local/review.md) and a JSON findings file (.local/review.json).

How this skill works

The review runs through prescribed wrapper commands to set up a PR worktree, inspect the main baseline and the PR head, and produce scoped diffs from the merge-base. It never mutates the repository: all actions are performed in .worktrees/pr-<PR> and outputs live under .local. Before and after producing artifacts, automated guards and validators ensure the review meets the required shape and safety constraints.

When to use it

You need a deterministic, read-only PR review that feeds an automated prepare step.
When reviews must produce both human text and machine-readable findings for pipelines.
For PRs where merge-base scoped diffs are required to avoid stale-branch surprises.
When a reviewer must claim responsibility and record metadata without pushing changes.

Best practices

Always start by running scripts/pr-review <PR> so the worktree and metadata are initialized.
Use review-checkout-main and review-checkout-pr explicitly to compare baseline vs head.
Run scripts/pr review-guard <PR> before writing artifacts and again before finalizing.
Keep all review work under .worktrees/pr-<PR> and never delete the worktree from the review flow.
Validate .local/review.md and .local/review.json with scripts/pr review-validate-artifacts <PR> before finishing.

Example use cases

Automated reviewer for CI that must produce findings for downstream automated prepare and merge steps.
Human reviewer who needs a reproducible, auditable record of PR inspection and verdict.
Triage flow where multiple reviewers claim and annotate PRs without modifying branches.
Security or compliance checks that require read-only diff inspection scoped to merge-base.

FAQ

Can this skill modify branches or merge the PR?

No. The review process is strictly read-only and operates only in the PR worktree; it will never push, merge, or alter branches.

What artifacts are produced?

Two artifacts: .local/review.md with sections A–J for human consumption, and .local/review.json containing structured findings, tests metadata, docs status, and a recommendation.

How do I ensure my review is valid?

Run scripts/pr review-guard <PR> before writing outputs and scripts/pr review-validate-artifacts <PR> afterwards; follow the execution contract precisely.