openclaw-autoreview
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git, GitHub CLI, and various AI reviewer CLIs via subprocesses. It employs a hardened command resolution logic that explicitly excludes the repository being reviewed from the executable search path, preventing local binary hijacking.
- [DATA_EXFILTRATION]: The orchestration script includes comprehensive regex-based scanners for secrets, private keys, and sensitive file paths (e.g., .env, .ssh). It refuses to include content in the review bundle if potential secrets are detected, mitigating the risk of data exposure.
- [REMOTE_CODE_EXECUTION]: The skill enforces strict isolation for AI engines by using flags like --safe-mode and --ignore-user-config. This prevents malicious project-local configuration files in a reviewed repository from triggering unauthorized code execution during the review process.
Audit Metadata