shell-review
npx machina-cli add skill athola/claude-night-market/shell-review --openclaw
Shell Script Review
Audit shell scripts for correctness, safety, and portability.
Verification
After review, run shellcheck <script> to verify fixes address identified issues.
Testing
Run pytest plugins/pensive/tests/skills/test_shell_review.py -v to validate review patterns.
Quick Start
/shell-review path/to/script.sh
When To Use
- CI/CD pipeline scripts
- Git hook scripts
- Wrapper scripts (run-*.sh)
- Build automation scripts
- Pre-commit hook implementations
When NOT To Use
- Non-shell scripts (Python, JS, etc.)
- One-liner commands that don't need review
Required TodoWrite Items
- shell-review:context-mapped
- shell-review:exit-codes-checked
- shell-review:portability-checked
- shell-review:safety-patterns-verified
- shell-review:evidence-logged
Workflow
Step 1: Map Context (shell-review:context-mapped)
Identify shell scripts:
# Find shell scripts
find . -name "*.sh" -type f | head -20
# Check shebangs (-r recurses into the directories; without it grep skips them)
grep -rl "^#!/" scripts/ hooks/ 2>/dev/null | head -10
Document:
- Script purpose and trigger context
- Integration points (make, pre-commit, CI)
- Expected inputs and outputs
Step 2: Exit Code Audit (shell-review:exit-codes-checked)
@include modules/exit-codes.md
Step 3: Portability Check (shell-review:portability-checked)
@include modules/portability.md
Step 4: Safety Patterns (shell-review:safety-patterns-verified)
@include modules/safety-patterns.md
Step 5: Evidence Log (shell-review:evidence-logged)
Use imbue:evidence-logging to record findings with file:line references.
Summarize:
- Critical issues (failures masked, security risks)
- Major issues (portability, maintainability)
- Minor issues (style, documentation)
Output Format
## Summary
Shell script review findings
## Scripts Reviewed
- [list with line counts]
## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately
## Portability Issues
[cross-platform concerns]
## Safety Issues
[unquoted variables, missing set flags]
## Recommendation
Approve / Approve with actions / Block
Exit Criteria
- Exit code propagation verified
- Portability issues documented
- Safety patterns checked
- Evidence logged
Source
git clone https://github.com/athola/claude-night-market/blob/master/plugins/pensive/skills/shell-review/SKILL.md
Overview
Shell-script review checks for correctness, safety, and portability in scripts used in CI, hooks, and wrappers. It emphasizes documenting context, auditing exit codes, portability, safety patterns, and evidence logging to improve maintainability.
How This Skill Works
The skill guides you through five workflow steps: map context, audit exit codes, assess portability, verify safety patterns, and record findings with evidence logging. It uses shellcheck to verify fixes, and pulls in modules for exit codes, portability, and safety patterns. Output is a structured report with sections on exit code issues, portability and safety issues, and a recommended action.
Quick Start
- Step 1: Run the reviewer against a script, e.g. /shell-review path/to/script.sh
- Step 2: Review the generated findings focusing on exit codes, portability, and safety patterns
- Step 3: Apply fixes and re-run to verify all issues are addressed and logged
Best Practices
- Map the script context and integration points (CI, hooks, or wrappers) before reviewing.
- Run shellcheck after fixes to verify issues are addressed.
- Audit exit codes to ensure failures propagate correctly (consider pipefail and explicit checks).
- Evaluate portability across POSIX shells and Bash-specific features.
- Log findings with evidence-logging and document critical, major, and minor issues.
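The `[E1] Pipeline masks failure` finding and the pipefail advice above, as an added example (not code from the skill or its modules). `producer` and the function names are constructed for illustration, and `masked_by_local` goes slightly beyond the page to show a related masking pattern that ShellCheck reports as SC2155.

```bash
#!/usr/bin/env bash
# Added example. producer() is a constructed stand-in for a build or scan step
# that prints partial output and then fails with status 3.
producer() {
    printf 'ok: step 1\nok: step 2\n'
    return 3
}

# Finding E1: the pipeline's status is grep's, so the producer's failure is lost.
masked() {
    producer | grep -c '^ok' >/dev/null
}

# Fix A: pipefail, scoped to a subshell so the caller's options are untouched.
with_pipefail() (
    set -o pipefail
    producer | grep -c '^ok' >/dev/null
)

# Fix B: capture separately, check the producer's status, then filter.
captured_separately() {
    local out rc=0
    out="$(producer)" || rc=$?   # plain assignment keeps the producer's status
    [ "$rc" -eq 0 ] || return "$rc"
    printf '%s\n' "$out" | grep -c '^ok' >/dev/null
}

# Related masking pattern (ShellCheck SC2155): `local` itself returns 0,
# so $? no longer reflects the command substitution.
masked_by_local() {
    local out="$(producer)"
    return $?
}

# Print the exit status of a command; safe to call under `set -e`.
status_of() {
    if "$@" 2>/dev/null; then echo 0; else echo $?; fi
}

# Side-by-side view of what each variant reports to its caller.
for variant in masked with_pipefail captured_separately masked_by_local; do
    printf '%-20s exit status %s\n' "$variant" "$(status_of "$variant")"
done
```

In a review, the `masked` and `masked_by_local` shapes are the ones to log as critical findings when the producer is a test, build, or security check whose failure must stop the script.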
Example Use Cases
- Reviewing a CI pipeline script for robust error handling and environment checks.
- Auditing a Git hook script to ensure it fails fast on errors and logs sufficient context.
- Inspecting a run-*.sh wrapper to confirm consistent exit status propagation.
- Validating a build automation script for cross-shell compatibility.
- Examining a pre-commit hook to verify security-sensitive checks and proper logging.