技能 pr-review

📦

pr-review

Name: pr-review
Author: MiniMax-AI

低風險

審查合併請求以確保 Skill 品質

手動審查 MiniMax Skills 儲存庫中的合併請求可能會遺漏結構性問題和品質標準。本 Skill 提供自動化驗證和引導式內容審查，確保每個 Skill 在合併前皆符合儲存庫標準。

支援: Claude Codex Code(CC)

🥈 78 白銀

下載技能 ZIP

在 Claude 中上傳

前往設定 → 功能 → 技能 → 上傳技能

開啟並開始使用

測試它

正在使用「pr-review」。 Review PR #42 adding a new weather-api skill

預期結果:

Phase 1 Validation: PASS - validate_skills.py exited with code 0
Phase 2 審查：
- Skill 範圍：與既有 skills 無重疊
- 描述品質：包含觸發條件與關鍵字
- 檔案大小：SKILL.md 共 45 行，參考檔案共 120 行
- 憑證處理：API 金鑰已記錄為必要的環境變數
- 指令稿品質：包含 shebang、requirements.txt 已附上、錯誤處理明確
- 語言：所有內容皆為英文
- README 同步：README.md 與 README_zh.md 皆已更新，來源為 Community
結論：核准 — 所有檢查皆通過

正在使用「pr-review」。 Validate the weather-api skill submission

預期結果:

Validating 1 skill(s)...
[PASS] skills/weather-api
0 errors, 0 warnings
Validation PASSED.
Name matches directory. Frontmatter valid. No secrets detected.

安全審計

低風險

v1 • 4/16/2026

All 70 static analysis findings are false positives. The scanner misinterpreted Markdown backtick code fences (used for documentation formatting) as Ruby/shell command execution. Blocker findings for 'weak cryptographic algorithm' matched on secret-scanning regex patterns in the validation script, not actual cryptography. 'System reconnaissance' findings matched standard PR review terminology in documentation. No malicious intent, data exfiltration, or unsafe behavior was found. The skill is a legitimate PR review tool with a Python validation script that uses only standard library modules.

已掃描檔案

393

分析行數

發現項

審計總數

低風險問題 (3)

SKILL.md:22-24 references/quality-guidelines.md:21-22 references/structure-rules.md:9-17

Static Scanner False Positives - Markdown Code Fences

The static analyzer flagged 41 instances of Markdown backtick code fences as Ruby/shell backtick execution. These are documentation formatting characters, not command execution. All findings in SKILL.md, references/quality-guidelines.md, and references/structure-rules.md are inline code examples or code blocks showing users how to run commands.

scripts/validate_skills.py:76-80 references/structure-rules.md:42-48

Static Scanner False Positives - Secret Scanning Regex Misidentified

26 blocker findings for 'weak cryptographic algorithm' matched on regex patterns used for secret detection (sk-, AKIA, Bearer token patterns) in scripts/validate_skills.py and documentation describing what the scanner looks for. These are not cryptographic operations but string pattern matching for credential detection.

references/quality-guidelines.md:3 references/structure-rules.md:3

Static Scanner False Positives - Documentation Terminology

Low-severity 'system reconnaissance' findings matched on standard PR review terminology such as 'review', 'check', and 'scan' in documentation text. These are not system scanning operations.

審計者: claude

品質評分

架構

100

可維護性

內容

社群

安全

規範符合性

你能建構什麼

Skill 提交之自動化 PR 驗證

在開始手動審查前，執行驗證指令碼以檢查新 skill 提交是否符合結構需求。

既有 skill 的品質審查

套用內容審查指南以評估 skill 描述、檔案大小及憑證處理實務。

統一 skill 文件格式

確保儲存庫中所有 skill 遵循一致的命名、frontmatter 格式與文件標準。

試試這些提示

基本 PR 審查

Review this pull request for the MiniMax Skills repository. Run the validation script first, then check the PR against the quality guidelines.

驗證新 skill

Validate the new skill in this PR. Check that SKILL.md has valid frontmatter, required fields, no hardcoded secrets, and follows the kebab-case naming convention.

完整品質稽核

Perform a complete review of this PR. Phase 1: run validate_skills.py and check all ERROR items pass. Phase 2: review description quality, file size, API key handling, script quality, language, and README sync status.

稽核多個 skills

Run the validation script across all skills in the repository. List any that fail ERROR checks or have WARNING items. For failures, summarize what needs to be fixed.