Run any Skill in Manus with one click

code-reviewer

Static analysis + AI review on Go code targeting edge and embedded systems. Runs go vet, staticcheck, gosec, and errcheck — then an AI pass focused on concurrency safety, goroutine leaks, context propagation, and low-memory patterns critical for <10MB edge deployments. Outputs CODE_REVIEW.md with CRITICAL/HIGH/MEDIUM/LOW severity. Adapted from Nanobot's Python code-reviewer for Go/edge runtime.

Run Skill in Manus

Overview

Install command

npx skills add https://github.com/mk-knight23/AI-Agent-PicoClaw --skill code-reviewer

Copy and paste this command into Claude Code to install the skill

Source

mk-knight23/AI-Agent-PicoClaw

Stars0

Forks0

UpdatedMarch 10, 2026 at 00:14

SKILL.md

readonly

name	code-reviewer
description	Static analysis + AI review on Go code targeting edge and embedded systems. Runs go vet, staticcheck, gosec, and errcheck — then an AI pass focused on concurrency safety, goroutine leaks, context propagation, and low-memory patterns critical for <10MB edge deployments. Outputs CODE_REVIEW.md with CRITICAL/HIGH/MEDIUM/LOW severity. Adapted from Nanobot's Python code-reviewer for Go/edge runtime.

code-reviewer

Go static analysis + AI review. Edge-focused: concurrency, memory, and goroutine safety.

Usage

@PicoClaw code-reviewer --path ./cmd/
@PicoClaw code-reviewer --diff HEAD~1..HEAD
@PicoClaw code-reviewer --file monitors/temp_monitor.go
@PicoClaw code-reviewer --strict       # Fail on MEDIUM+ issues

What It Runs

Tool	Purpose
`go vet`	Suspicious constructs, format string issues
`staticcheck`	Deprecated APIs, dead code, correctness
`gosec`	Security: hardcoded creds, path traversal, G-rules
`errcheck`	Unchecked errors (critical on edge: silent failures)
`goleak`	Goroutine leak detection in tests
AI review	Goroutine safety, context propagation, memory patterns

Files Created

CODE_REVIEW.md                  # Full report with severity-rated findings

Edge/PicoClaw-Specific Checks

Goroutine leaks: channels not closed, goroutines without done signals
Memory allocation: heap escapes on hot paths in embedded code
Context propagation: missing ctx in long-running operations
Signal handling: missing SIGTERM graceful shutdown
Cross-compilation: OS-specific code paths (build tags)
Binary size: imports that bloat the binary beyond <10MB target

Sample Report

## Summary
CRITICAL: 0 | HIGH: 1 | MEDIUM: 3 | LOW: 5

## HIGH Issues
### monitors/temp_monitor.go:47 — Unchecked error on sensor read
**Issue**: `sensor.Read()` return value not checked. Silent failure on disconnect.
**Fix**: `val, err := sensor.Read(); if err != nil { return fmt.Errorf(...) }`

## MEDIUM Issues
### cmd/agent.go:112 — Goroutine without done signal
...

Exit Codes (for CI)

picoclaw code-reviewer --path ./... --strict
# Exit 0: no MEDIUM+ issues
# Exit 1: issues found above threshold

Philosophy

On a $10 device with 256MB RAM, silent errors and goroutine leaks don't get noticed until the device is rebooted at 3 AM. Every unchecked error is a ticking clock.

More from this repository

same repository

deploy-everywhere

mk-knight23/AI-Agent-PicoClaw

Cross-compile PicoClaw Go binaries for all supported hardware targets and deploy them in one command. Supports: LicheeRV Nano (RISC-V), Raspberry Pi Zero (ARMv6), Pi 3/4/5 (ARM64), MIPS routers, old Android phones (ARM64), and x86_64 servers. Generates platform-specific init scripts (systemd/OpenWrt procd/Android service), then SCP-deploys and restarts. Adapted from OpenClaw's multi-platform deployment skill for Go cross-compilation.

2026-03-100

security-scanner

mk-knight23/AI-Agent-PicoClaw

Go security audit for edge deployments: govulncheck for CVEs in Go modules, gosec for code-level security patterns, nancy for supply chain vulnerabilities, and analysis of network exposure on edge hardware (open ports, default credentials, TLS config). Generates SECURITY_REPORT.md. Adapted from ZeroClaw's Rust security-scanner for Go and IoT edge deployments.

2026-03-100

add-gmail

mk-knight23/AI-Agent-PicoClaw

Adds Gmail monitoring to PicoClaw via IMAP over TLS using pure Go. Creates channels/gmail.go with an IMAP poller using the go-imap library, polls INBOX for unread messages, drafts replies through the agent, and sends via SMTP. Compiles to a static binary with no CGo. Requires a Gmail App Password (not your Google account password).

2026-03-060

add-obsidian

mk-knight23/AI-Agent-PicoClaw

Mounts an Obsidian vault as a read-only knowledge source for PicoClaw. Creates tools/vault_search.go using Go's filepath.WalkDir and strings.Contains for fast zero-allocation search. Registers vault_search as a tool available to the agent. Works on any directory of Markdown files — synced vault, remote mount, or local copy. Requires the vault accessible as a filesystem path.

2026-03-060

add-slack

mk-knight23/AI-Agent-PicoClaw

Adds Slack integration to PicoClaw using the Slack Real Time Messaging API over WebSocket in pure Go. Creates channels/slack.go using gorilla/websocket, handles app_mention events, routes to the skill dispatcher, and replies in-thread. Compiles to a static binary. Requires a Slack bot token and app token with Socket Mode enabled.

2026-03-060

add-supabase

mk-knight23/AI-Agent-PicoClaw

Adds Supabase as PicoClaw's persistent backend using the Supabase REST API via Go's net/http. No heavy ORM — plain HTTP requests with JSON marshaling. Creates db/supabase.go with typed table helpers, db/migrations/001_init.sql for schema, and registers memory tools. Compiles to a static binary with zero CGo. Requires a Supabase project URL and anon key.

2026-03-060

Source

mk-knight23

mk-knight23/AI-Agent-PicoClaw

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Software Quality Assurance Analysts and TestersComputer and Mathematical Occupations15-1253L4

name	code-reviewer
description	Static analysis + AI review on Go code targeting edge and embedded systems. Runs go vet, staticcheck, gosec, and errcheck — then an AI pass focused on concurrency safety, goroutine leaks, context propagation, and low-memory patterns critical for <10MB edge deployments. Outputs CODE_REVIEW.md with CRITICAL/HIGH/MEDIUM/LOW severity. Adapted from Nanobot's Python code-reviewer for Go/edge runtime.

code-reviewer

Go static analysis + AI review. Edge-focused: concurrency, memory, and goroutine safety.

Usage

@PicoClaw code-reviewer --path ./cmd/
@PicoClaw code-reviewer --diff HEAD~1..HEAD
@PicoClaw code-reviewer --file monitors/temp_monitor.go
@PicoClaw code-reviewer --strict       # Fail on MEDIUM+ issues

What It Runs

Tool	Purpose
`go vet`	Suspicious constructs, format string issues
`staticcheck`	Deprecated APIs, dead code, correctness
`gosec`	Security: hardcoded creds, path traversal, G-rules
`errcheck`	Unchecked errors (critical on edge: silent failures)
`goleak`	Goroutine leak detection in tests
AI review	Goroutine safety, context propagation, memory patterns

Files Created

CODE_REVIEW.md                  # Full report with severity-rated findings

Edge/PicoClaw-Specific Checks

Goroutine leaks: channels not closed, goroutines without done signals
Memory allocation: heap escapes on hot paths in embedded code
Context propagation: missing ctx in long-running operations
Signal handling: missing SIGTERM graceful shutdown
Cross-compilation: OS-specific code paths (build tags)
Binary size: imports that bloat the binary beyond <10MB target

Sample Report

## Summary
CRITICAL: 0 | HIGH: 1 | MEDIUM: 3 | LOW: 5

## HIGH Issues
### monitors/temp_monitor.go:47 — Unchecked error on sensor read
**Issue**: `sensor.Read()` return value not checked. Silent failure on disconnect.
**Fix**: `val, err := sensor.Read(); if err != nil { return fmt.Errorf(...) }`

## MEDIUM Issues
### cmd/agent.go:112 — Goroutine without done signal
...

Exit Codes (for CI)

picoclaw code-reviewer --path ./... --strict
# Exit 0: no MEDIUM+ issues
# Exit 1: issues found above threshold

Philosophy

On a $10 device with 256MB RAM, silent errors and goroutine leaks don't get noticed until the device is rebooted at 3 AM. Every unchecked error is a ticking clock.