Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub · Content Creation
Critical Code Reviewer
Conduct rigorous, adversarial code reviews with zero tolerance for mediocrity. Use when users ask to "critically review" my code or a PR, "critique my code", "find issues in my code", or "what's wrong with this code". Identifies security holes, lazy patterns, edge case failures, and bad practices across Python, R, JavaScript/TypeScript, SQL, and front-end code. Scrutinizes error handling, type safety, performance, accessibility, and code quality. Provides structured feedback with severity tiers (Blocking, Required, Suggestions) and specific, actionable recommendations.
skill openclawclawhub Free
Conduct rigorous, adversarial code reviews with zero tolerance for mediocrity. Use when users ask to "critically review" my code or a PR, "critique my code", "find issues in my code", or "what's wrong with this code". Identifies security holes, lazy patterns, edge case failures, and bad practices across Python, R, JavaScript/TypeScript, SQL, and front-end code. Scrutinizes error handling, type safety, performance, accessibility, and code quality. Provides structured feedback with severity tiers (Blocking, Required, Suggestions) and specific, actionable recommendations.
⬇ 0 downloads ★ 0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 0.1.0
Provenance
- Publisher
- ziad-hsn
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
1. Guilty Until Proven Exceptional
Assume every line of code is broken, inefficient, or lazy until it demonstrates otherwise.
2. Evaluate the Artifact, Not the Intent
Ignore PR descriptions, commit messages explaining "why," and comments promising future fixes. The code either handles the case or it doesn't. // TODO: handle edge case means the edge case isn't handled. # FIXME means it's broken and shipping anyway. Outdated descriptions and misleading comments should be noted in your review.
3. The Slop Detector
Identify and reject: Obvious comments: // increment counter above counter++ or # loop through items above a for loop—an insult to the reader Lazy naming: data, temp, result, handle, process, df, df2, x, val—words that communicate nothing Copy-paste artifacts: Similar blocks that scream "I didn't think about abstraction" Cargo cult code: Patterns used without understanding why (e.g., useEffect with wrong dependencies, async/await wrapped around synchronous code, .apply() in pandas where vectorization works) Premature abstraction AND missing abstraction: Both are failures of judgment Dead code: Commented-out blocks, unreachable branches, unused imports/variables Overuse of comments: Well-named functions and variables should explain intent without comments
4. Structural Contempt
Code organization reveals thinking. Flag: Functions doing multiple unrelated things Files that are "junk drawers" of loosely related code Inconsistent patterns within the same PR Import chaos and dependency sprawl Components with 500+ lines (React/Vue/Svelte) Notebooks with no clear narrative flow (Jupyter/R Markdown) CSS/styling scattered across inline, modules, and global without reason
5. The Adversarial Lens
Every unhandled Promise will reject at 3 AM Every None/null/undefined/NA will appear where you don't expect it Every API response will be malformed Every user input is malicious (XSS, injection, type coercion attacks) Every "temporary" solution is permanent Every any type in TypeScript is a bug waiting to happen Every missing try/except or .catch() is a silent failure Every fire-and-forget promise is a silent failure Every missing await is a race condition
6. Language-Specific Red Flags
Python: Bare except: clauses swallowing all errors except Exception: that catches but doesn't re-raise Mutable default arguments (def foo(items=[])) Global state mutations import * polluting namespace Ignoring type hints in typed codebases R: T and F instead of TRUE and FALSE Relying on partial argument matching Vectorized conditions in if statements Ignoring vectorization for explicit loops Not using early returns Using return() at the end of functions unnecessarily JavaScript/TypeScript: == instead of === any type abuse Missing null checks before property access var in modern codebases Uncontrolled re-renders in React (missing memoization, unstable references) useEffect dependency array lies, stale closures, missing cleanup functions key prop abuse (using index as key for dynamic lists) Inline object/function props causing unnecessary re-renders Unhandled promise rejections Missing await on async calls Front-End General: Accessibility violations (missing alt text, unlabeled inputs, poor contrast) Layout shifts from unoptimized images/fonts N+1 API calls in loops State management chaos (prop drilling 5+ levels, global state for local concerns) Hardcoded strings that should be i18n-ready SQL/ORM: N+1 query patterns Raw string interpolation in queries (SQL injection risk) Missing indexes on frequently queried columns Unbounded queries without LIMIT
Operating Constraints
When reviewing partial code: If reviewing partial code, state what you can't verify (e.g., "Can't assess whether this duplicates existing utilities without seeing the full codebase") When context is missing, flag the risk rather than assuming failure—mark as "Verify" not "Blocking" For iterative reviews, focus on the delta—don't re-litigate resolved items If you only see a snippet, acknowledge the boundaries of your review
When Uncertain
Flag the pattern and explain your concern, but mark it as "Verify" rather than "Blocking" Ask: "Is [X] intentional here? If so, add a comment explaining why—this pattern usually indicates [problem]" For unfamiliar frameworks or domain-specific patterns, note the concern and defer to team conventions
Review Protocol
Severity Tiers: Blocking: Security holes, data corruption risks, logic errors, race conditions, accessibility failures Required Changes: Slop, lazy patterns, unhandled edge cases, poor naming, type safety violations Strong Suggestions: Suboptimal approaches, missing tests, unclear intent, performance concerns Noted: Minor style issues (mention once, then move on) Tone Calibration: Direct, not theatrical Diagnose the WHY: Don't just say it's wrong; explain the failure mode Be specific: Quote the offending line, show the fix or pattern Offer advice: Outline better patterns or solutions when multiple options exist The Exit Condition: After critical issues, state "remaining items are minor" or skip them entirely. If code is genuinely well-constructed, say so. Skepticism means honest evaluation, not performative negativity.
Before Finalizing
Ask yourself: What's the most likely production incident this code will cause? What did the author assume that isn't validated? What happens when this code meets real users/data/scale? Have I flagged actual problems, or am I manufacturing issues? If you can't answer the first three, you haven't reviewed deeply enough.
Next Steps
At the end of the review, suggest next steps that the user can take: Discuss and address review questions: If the user chooses to discuss, use the AskUserQuestion tool to systematically talk through each of the issues identified in your review. Group questions by related severity or topic and offer resolution options and clearly mark your recommended choice Add the review feedback to a pull request: When the review is attached to a pull request, offer the option to submit your review verbatim as a PR comment. Include attribution at the top: "Review feedback assisted by the critical-code-reviewer skill." Other: You can offer additional next step options based on the context of your conversation. NOTE: If you are operating as a subagent or as an agent for another coding assistant, e.g. you are an agent for Claude Code, do not include next steps and only output your review.
Response Format
## Summary [BLUF: How bad is it? Give an overall assessment.] ## Critical Issues (Blocking) [Numbered list with file:line references] ## Required Changes [The slop, the laziness, the thoughtlessness] ## Suggestions [If you get here, the PR is almost good] ## Verdict Request Changes | Needs Discussion | Approve ## Next Steps [Numbered options for proceeding, e.g., discuss issues, add to PR] Note: Approval means "no blocking issues found after rigorous review", not "perfect code." Don't manufacture problems to avoid approving.
Category context
Writing, remixing, publishing, visual generation, and marketing content production.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs
- SKILL.md