{"id":51136345,"url":"https://github.com/shinpr/pr-review-skill","last_synced_at":"2026-06-25T18:30:24.939Z","repository":{"id":366141050,"uuid":"1274128320","full_name":"shinpr/pr-review-skill","owner":"shinpr","description":"Review GitHub PRs with repository-specific quality criteria, isolated Claude and Codex reviewers, and structured findings that converge into actionable feedback.","archived":false,"fork":false,"pushed_at":"2026-06-20T11:56:28.000Z","size":97,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-20T13:27:31.195Z","etag":null,"topics":["agent-skills","ai-code-review","claude-code","code-review","code-review-automation","codex","developer-tools","github","multi-agent","pull-request","skills"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shinpr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-19T07:49:59.000Z","updated_at":"2026-06-20T11:56:29.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/shinpr/pr-review-skill","commit_stats":null,"previous_names":["shinpr/pr-review-skill"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/shinpr/pr-review-skill","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shinpr%2Fpr-review-skill","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shinpr%2Fpr-review-skill/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shinpr%2Fpr-review-skill/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shinpr%2Fpr-review-skill/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shinpr","download_url":"https://codeload.github.com/shinpr/pr-review-skill/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shinpr%2Fpr-review-skill/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34788252,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-25T02:00:05.521Z","response_time":101,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-skills","ai-code-review","claude-code","code-review","code-review-automation","codex","developer-tools","github","multi-agent","pull-request","skills"],"created_at":"2026-06-25T18:30:24.415Z","updated_at":"2026-06-25T18:30:24.930Z","avatar_url":"https://github.com/shinpr.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PR Review Plugin\n\n![PR Review plugin banner](docs/assets/pr-review-readme-cover.jpg)\n\nPR Review is a Claude Code and Codex plugin for reviewing GitHub pull requests with reviewer agents that operate on a repeatable PR snapshot and return structured findings.\n\nIt gathers PR metadata, changed files, diffs, prior comments, and repository context into a repeatable review snapshot. Review requests produce structured findings and ask before posting eligible GitHub comments.\n\n```text\nPull Request\n      |\n      v\nContext Collector\n      |\n      v\nReviewer Agent(s)\n      |\n      v\nStructured Findings\n      |\n      v\nComment Publisher\n```\n\n## Install\n\nClaude Code:\n\n```text\n/plugin marketplace add shinpr/pr-review-skill\n/plugin install pr-review@pr-review-tools\n```\n\nCodex:\n\n```sh\ncodex plugin marketplace add shinpr/pr-review-skill\ncodex plugin add pr-review@pr-review-tools\n```\n\nThen start a new Claude Code or Codex session so the installed skill is loaded.\n\n## Use\n\nClaude Code uses slash commands:\n\n```text\n/recipe-pr-review Review https://github.com/OWNER/REPO/pull/123.\n```\n\nCodex uses skill invocation with `$`:\n\n```text\n$recipe-pr-review Review https://github.com/OWNER/REPO/pull/123.\n```\n\nThe first run creates `.agents/pr-review/config.yaml` and an empty quality profile at `.agents/pr-review/quality/code.yaml` if they are missing. The plugin leaves repository ignore rules under your control.\n\n## GitHub Actions / CI\n\nSample GitHub Actions workflows are available under `samples/github-actions/`:\n\n- `claude-code-review.yml` runs the Claude Code reviewer.\n- `codex-review.yml` runs the Codex reviewer.\n\nCopy one or both files into your repository's `.github/workflows/` directory and set the matching API key secret:\n\n- Claude Code: `ANTHROPIC_API_KEY`\n- Codex: `CODEX_API_KEY`\n\nThe sample workflows intentionally avoid push-triggered reviews to keep CI cost predictable. They run when:\n\n- a draft PR is marked ready for review;\n- an `OWNER`, `MEMBER`, or `COLLABORATOR` starts a PR comment with `/pr-review claude` or `/pr-review codex`;\n- a maintainer starts the workflow manually with `workflow_dispatch`.\n\nThe workflows fetch this plugin from `PR_REVIEW_SKILL_REPO` at `PR_REVIEW_SKILL_REF`, defaulting to `shinpr/pr-review-skill` and `v0.1.1`. Override these repository variables when testing a branch, a fork, or a newer release:\n\n```text\nPR_REVIEW_SKILL_REPO=OWNER/pr-review-skill\nPR_REVIEW_SKILL_REF=ci-workflow-experiment\nPR_REVIEW_CLAUDE_MODEL=sonnet\nPR_REVIEW_CODEX_MODEL=gpt-5.4\nPR_REVIEW_POST_COMMENTS=true\nCLAUDE_CODE_VERSION=2.1.183\n```\n\nThe comment trigger uses the base repository security context and can access configured secrets. Treat PR content as untrusted input: keep the workflow scripts pinned to a trusted plugin ref, keep `persist-credentials: false`, and do not add steps that execute code from the PR head before the reviewer runs. The reviewer reads repository configuration from the checked-out PR snapshot, so review `.agents/pr-review/config.yaml` changes before invoking comment-triggered reviews on untrusted PRs.\n\nEach workflow uploads raw and normalized review artifacts for inspection. Successful posting cleans the temporary context directory from the runner after artifacts are uploaded.\n\n## Configuration\n\nRepository settings live in `.agents/pr-review/config.yaml`. The file controls where review state is stored, which quality profile is loaded, which reviewer engines run, and which finding severities are eligible for GitHub posting.\n\nDefault config:\n\n```yaml\nversion: 1\nposting:\n  severities:\n    - must\n    - should\nreview:\n  default_engine: self\n  additional_engines: []\n  output_language: en\nquality:\n  path: .agents/pr-review/quality/code.yaml\nworkspace:\n  tmp_dir: .agents/tmp/pr-review\nguidance:\n  include_files:\n    - AGENTS.md\n    - CLAUDE.md\n    - .github/copilot-instructions.md\n```\n\n### Posting\n\nBefore sending GitHub comments, the skill shows a posting summary and asks for approval.\n\nChange `posting.severities` to choose which of `must`, `should`, and `nit` are posted.\n\nReviewers may still produce raw findings outside this list. `question` is a raw reviewer concern that the orchestrator must either convert to `should` or move to notes before posting. For example, the default posts only `must` and `should`; unresolved questions and `nit` findings stay out of final posted findings.\n\n### Review Engines\n\nSet `review.default_engine` to `self`, `claude`, or `codex`. `self` means Claude Code uses the Claude Code reviewer and Codex uses the Codex reviewer. Add the other engine to `review.additional_engines` when you want both reviewers.\n\nWhen both reviewers run, the host agent combines their JSON outputs by root cause using the collected PR snapshot. The combined JSON is validated against the review schema. Exact duplicate prevention still runs at posting time as a safety net.\n\n`review.output_language` controls the language used in human-facing review text. JSON keys and severity labels stay English.\n\nClaude reviewer runs use Claude Code permission bypass with write tools disabled, so non-interactive reviews do not stop on permission prompts. Use this plugin for repositories and PRs you are willing to inspect from your local machine. Codex reviewer runs use Codex read-only sandboxing.\n\n### Paths And Context\n\n`quality.path` points to the repository-specific quality profile. The first run creates an empty profile there when the file is missing.\n\n`workspace.tmp_dir` is where collected PR snapshots, diffs, prior comments, and reviewer JSON are written while a review is running. Successful posting can clean this directory; failed runs keep it for inspection.\n\n`guidance.include_files` adds repository guidance documents to reviewer context.\n\n## How Reviews Are Posted\n\nThe reviewer returns structured findings first. GitHub comments are sent after the user approves the posting summary. The configured severity list controls which findings are eligible.\n\n## Quality Profile\n\nUse the quality profile for repository-specific review expectations. Prefer rules derived from the repository itself, such as API contracts, schema conventions, generated-code ownership, migration procedures, security boundaries, deployment constraints, and testing requirements.\n\nAsk the skill to create or improve it from repository sources:\n\n```text\n/recipe-pr-review Create a quality profile for this repository.\n```\n\n```text\n$recipe-pr-review Create a quality profile for this repository.\n```\n\nWhen creating a quality profile, the skill inspects repository sources such as `AGENTS.md`, `CLAUDE.md`, `README.md`, `CONTRIBUTING.md`, docs, CI workflows, package scripts, Makefiles, schemas, API clients, tests, and deployment notes. It proposes changes before updating the profile.\n\nQuality rules are concrete, repository-specific `pass` conditions:\n\n```yaml\nproject_rules:\n  - id: api-error-contract\n    pass: API handlers return the repository-standard error envelope and clients parse that envelope through the shared client utilities.\n  - id: generated-schema-ownership\n    pass: Generated schema files are updated through the documented generator command, with source schema changes in the same PR.\n```\n\nRules describe repository-specific expectations that can be verified from the PR.\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshinpr%2Fpr-review-skill","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshinpr%2Fpr-review-skill","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshinpr%2Fpr-review-skill/lists"}