// Review-only GitHub pull request analysis with the gh CLI. Use when asked to review a PR, provide structured feedback, or assess readiness to land. Do not merge, push, or make code changes you intend to keep.
| name | review-pr |
| description | Review-only GitHub pull request analysis with the gh CLI. Use when asked to review a PR, provide structured feedback, or assess readiness to land. Do not merge, push, or make code changes you intend to keep. |
Perform a thorough review-only PR assessment and return a structured recommendation on readiness for /preparepr.
main or origin/main, not during review, not ever.git push at all during review. Treat review as read only..local/review.md inside the worktree.Create a checklist of all review steps, print it, then continue and execute the commands.
Use an isolated worktree for all review work.
# Sanity: confirm you are in the repo
git rev-parse --show-toplevel
WORKTREE_DIR=".worktrees/pr-<PR>"
git fetch origin main
# Reuse existing worktree if it exists, otherwise create new
if [ -d "$WORKTREE_DIR" ]; then
cd "$WORKTREE_DIR"
git checkout temp/pr-<PR> 2>/dev/null || git checkout -b temp/pr-<PR>
git fetch origin main
git reset --hard origin/main
else
git worktree add "$WORKTREE_DIR" -b temp/pr-<PR> origin/main
cd "$WORKTREE_DIR"
fi
# Create local scratch space that persists across /reviewpr to /preparepr to /mergepr
mkdir -p .local
Run all commands inside the worktree directory.
Start on origin/main so you can check for existing implementations before looking at PR code.
gh pr view <PR> --json number,title,state,isDraft,author,baseRefName,headRefName,headRepository,url,body,labels,assignees,reviewRequests,files,additions,deletions --jq '{number,title,url,state,isDraft,author:.author.login,base:.baseRefName,head:.headRefName,headRepo:.headRepository.nameWithOwner,additions,deletions,files:.files|length,body}'
Assign yourself so others know someone is reviewing. Skip if the PR looks like spam or is a draft you plan to recommend closing.
Use the body from step 1. Summarize goal, scope, and missing context.
gh pr diff <PR>
Be honest. Call out low value AI slop.
Review correctness, design, performance, and ergonomics.
Check auth, input validation, secrets, dependencies, tool safety, and privacy.
Identify what exists, what is missing, and what would be a minimal regression test.
Check if the PR touches code with related documentation.
Check if the PR warrants a changelog entry.
Decide if /preparepr can fix issues or the contributor must update the PR.
Write the full structured review sections A through J to .local/review.md.
A) TL;DR recommendation B) What changed C) What is good D) Security findings E) Concerns or questions (actionable) - mark each as BLOCKER, IMPORTANT, or NIT F) Tests G) Docs status H) Changelog I) Follow ups (optional) J) Suggested PR comment (optional)
Security scanning and remediation for AI coding agents. Scan code for vulnerabilities, generate fix patches, detect sensitive data leaks, and produce compliance reports — all from your OpenClaw agent.
Merge a GitHub PR via squash after /preparepr. Use when asked to merge a ready PR. Do not push to main or modify code. Ensure the PR ends in MERGED state and clean up worktrees after success.
Prepare a GitHub PR for merge by rebasing onto main, fixing review findings, running gates, committing fixes, and pushing to the PR head branch. Use after /reviewpr. Never merge or push to main.