diff --git a/.agents/skills/autoreview/SKILL.md b/.agents/skills/autoreview/SKILL.md
index c132173d429..6da7daee3e5 100644
--- a/.agents/skills/autoreview/SKILL.md
+++ b/.agents/skills/autoreview/SKILL.md
@@ -28,6 +28,7 @@ Use when:
 - Treat the helper's successful exit plus absence of actionable findings as the clean review result, even if the underlying Codex CLI output is terse.
 - If rejecting a finding as intentional/not worth fixing, add a brief inline code comment only when it explains a real invariant or ownership decision that future reviewers should know.
 - Do not push just to review. Push only when the user requested push/ship/PR update.
+- In OpenClaw, keep autoreview validation Crabbox/Testbox-aware. A review pass may inspect files and run cheap non-Node probes, but it must not start local `pnpm`, Vitest, `tsgo`, `npm test`, or `node scripts/run-vitest.mjs` from a Codex/worktree review unless the operator explicitly requested local proof. For runtime proof, use existing evidence or route through `OPENCLAW_TESTBOX=1` / Crabbox/Testbox and report the id.

 ## Pick Target

@@ -50,7 +51,7 @@ git fetch origin
 codex review --base origin/main
 ```

-Do not pass an inline prompt with `--base`; current CLI rejects `--base` + `[PROMPT]` even though help text is ambiguous. If custom instructions are needed, run the plain base review first, then do a local/manual follow-up pass.
+Do not pass an inline prompt with `--base`; some CLI versions reject `--base` + `[PROMPT]` even though help text is ambiguous. If custom instructions are needed, prefer stdin prompt form (`codex review --base -`) as used by the helper.

 If an open PR exists, use its actual base:
@@ -115,6 +116,7 @@ The helper:
 - writes only to stdout unless `--output` or `AUTOREVIEW_OUTPUT` is set
 - supports `--dry-run`, `--parallel-tests`, and commit refs
 - runs nested review with `--dangerously-bypass-approvals-and-sandbox --sandbox danger-full-access` by default
+- injects OpenClaw validation policy into native Codex review so local memory-heavy Node/Vitest checks are avoided in favor of Crabbox/Testbox proof
 - keeps accepting `--full-access`; use `--no-yolo` or `AUTOREVIEW_YOLO=0` to opt out
 - still accepts legacy `CODEX_REVIEW_*` env vars when the matching `AUTOREVIEW_*` var is unset
 - prints `autoreview clean: no accepted/actionable findings reported` when the selected review command exits 0
diff --git a/.agents/skills/autoreview/scripts/autoreview b/.agents/skills/autoreview/scripts/autoreview
index c442edec774..0931c07cebd 100755
--- a/.agents/skills/autoreview/scripts/autoreview
+++ b/.agents/skills/autoreview/scripts/autoreview
@@ -51,6 +51,7 @@ yolo=${AUTOREVIEW_YOLO:-${CODEX_REVIEW_YOLO:-1}}
 output=${AUTOREVIEW_OUTPUT:-${CODEX_REVIEW_OUTPUT:-}}
 parallel_tests=
 dry_run=false
+codex_review_prompt=

 while [[ $# -gt 0 ]]; do
 case "$1" in
@@ -201,6 +202,19 @@ else
 review_cmd=("$codex_bin" "${codex_args[@]}" review --base "$base_ref")
 fi

+repo_url=$(git -C "$repo_root" config --get remote.origin.url 2>/dev/null || true)
+if [[ "$repo_url" == *"openclaw/openclaw"* ]]; then
+ codex_review_prompt=$(cat <<'EOF'
+OpenClaw autoreview validation policy:
+- Review the diff by reading code, tests, and dependency contracts.
+- Do not run local memory-heavy Node validation from review mode. This includes local pnpm checks/tests, Vitest, tsgo, npm test, and node scripts/run-vitest.mjs.
+- If runtime proof is needed, use existing proof or route validation through OPENCLAW_TESTBOX=1 / Crabbox / Blacksmith Testbox and report the exact provider and id.
+- If remote validation is not necessary for the finding, state the targeted proof that should be run instead of starting local tests.
+EOF
+)
+ review_cmd+=(-)
+fi
+
 printf 'autoreview target: %s\n' "$review_kind"
 printf 'branch: %s\n' "${current_branch:-detached}"
 if [[ -n "$pr_url" ]]; then
@@ -221,6 +235,9 @@ if [[ "$reviewer" == auto || "$reviewer" == codex ]]; then
 printf 'review:'
 printf ' %q' "${review_cmd[@]}"
 printf '\n'
+ if [[ -n "$codex_review_prompt" ]]; then
+ printf 'review policy: OpenClaw Crabbox/Testbox-aware validation prompt injected\n'
+ fi
 else
 printf 'review: %s prompt review\n' "$reviewer"
 fi
@@ -265,7 +282,11 @@ trap cleanup EXIT

 run_review() {
 mkdir -p "$(dirname "$review_output")"
- "${review_cmd[@]}" 2>&1 | tee "$review_output"
+ if [[ -n "$codex_review_prompt" ]]; then
+ printf '%s\n' "$codex_review_prompt" | "${review_cmd[@]}" 2>&1 | tee "$review_output"
+ else
+ "${review_cmd[@]}" 2>&1 | tee "$review_output"
+ fi
 }

 diff_for_review() {
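Review bot: The policy prompt in the `-201,6 +202,19` hunk is attached only when `remote.origin.url` contains `openclaw/openclaw`, and a failed lookup is hidden by `2>/dev/null || true`, so a fork, a mirror or a checkout whose upstream remote is not called `origin` runs the nested review with no policy and no message saying so. SKILL.md in this commit says the nested review runs with `--dangerously-bypass-approvals-and-sandbox --sandbox danger-full-access` by default, so this prompt is advisory text rather than an enforced limit, and it is the only guard the hunk adds. I would at least make the skip visible, for example an `else` arm with `printf 'review policy: none (origin: %s)\n' "${repo_url:-unset}"`. Separately, `review_cmd+=(-)` is appended to whichever `review_cmd` the `if`/`else` above built; only the `--base` form is visible here and the `if` arm starts outside the hunk, so each form should be checked to accept a stdin prompt.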
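Review bot: In `run_review` (the `-265,7 +282,11` hunk) the prompt is fed through an extra `printf … |` stage, which makes the pipeline three processes long: if the script sets `pipefail` (not visible in this hunk) and the CLI exits before reading stdin, the `printf` stage can be killed by SIGPIPE and fail an otherwise good review. A here-string supplies the same bytes, including the trailing newline, without the extra stage: `"${review_cmd[@]}" <<<"$codex_review_prompt" 2>&1 | tee "$review_output"`. The function would also read better with a comment above the `if`, such as `# OpenClaw policy prompt goes to the CLI on stdin; review_cmd ends with '-' in that case`.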
@@ -306,6 +327,7 @@ Rules:
 - Review the proposed code change as a closeout reviewer.
 - Focus on the diff below. If your CLI exposes read-only repository tools, inspect surrounding code and tests to verify findings; never modify files.
 - Do not modify files.
+- In OpenClaw, do not run local memory-heavy Node validation from review mode. Avoid local pnpm checks/tests, Vitest, tsgo, npm test, and node scripts/run-vitest.mjs. If runtime proof is needed, use existing proof or route validation through OPENCLAW_TESTBOX=1 / Crabbox / Blacksmith Testbox and report the exact provider and id.
 - Report only discrete, actionable issues introduced by this change.
 - Prioritize correctness, regressions, security, data loss, performance cliffs, and missing tests that would catch a real bug.
 - Do not report pre-existing issues, speculative risks, broad rewrites, style nits, changelog gaps, or findings that depend on unstated assumptions.
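Review bot: The rule added to the fallback prompt is a second, hand-copied version of the policy text this commit assigns to `codex_review_prompt`, and unlike that copy it is not gated on the repository check, so the prompt built for other reviewers carries OpenClaw-specific instructions in every repository. Two copies of a safety rule will drift apart over time. Consider emitting the rule from the one variable, for example replacing the literal line with `${codex_review_prompt}`, which expands to nothing outside OpenClaw. That only works if the enclosing heredoc is unquoted and is evaluated after the variable is set; its opening line is outside this hunk, so both need checking.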