OpenSkillIndex← back to search
claude-code

Skills shell-review

Audit shell scripts for correctness, portability, and common pitfalls

install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/athola/nm-pensive-shell-review" ~/.claude/skills/clawdbot-skills-shell-review && rm -rf "$T"
manifest: skills/athola/nm-pensive-shell-review/SKILL.md
source content

Night Market Skill — ported from claude-night-market/pensive. For the full experience with agents, hooks, and commands, install the Claude Code plugin.

Table of Contents

Shell Script Review

Audit shell scripts for correctness, safety, and portability.

Verification

After review, run 

shellcheck <script>
to verify fixes address identified issues.

Testing

Run 

pytest plugins/pensive/tests/skills/test_shell_review.py -v
to validate review patterns.

Quick Start

/shell-review path/to/script.sh

When To Use

  • CI/CD pipeline scripts
  • Git hook scripts
  • Wrapper scripts (run-*.sh)
  • Build automation scripts
  • Pre-commit hook implementations

When NOT To Use

  • Non-shell scripts (Python, JS, etc.)
  • One-liner commands that don't need review

Required TodoWrite Items

  1. shell-review:context-mapped
  2. shell-review:exit-codes-checked
  3. shell-review:portability-checked
  4. shell-review:safety-patterns-verified
  5. shell-review:evidence-logged

Workflow

Step 1: Map Context (
shell-review:context-mapped
)

Identify shell scripts:

# Find shell scripts
find . -not -path "*/.venv/*" -not -path "*/__pycache__/*" \
  -not -path "*/node_modules/*" -not -path "*/.git/*" \
  -name "*.sh" -type f | head -20
# Check shebangs
rg -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10
# fallback: grep -l "^#!/" scripts/ hooks/ 2>/dev/null | head -10

Document:

  • Script purpose and trigger context
  • Integration points (make, pre-commit, CI)
  • Expected inputs and outputs

Step 2: Exit Code Audit (
shell-review:exit-codes-checked
)

@include modules/exit-codes.md

Step 3: Portability Check (
shell-review:portability-checked
)

@include modules/portability.md

Step 4: Safety Patterns (
shell-review:safety-patterns-verified
)

@include modules/safety-patterns.md

Step 5: Evidence Log (
shell-review:evidence-logged
)

Use 

imbue:proof-of-work
to record findings with file:line references.

Summarize:

  • Critical issues (failures masked, security risks)
  • Major issues (portability, maintainability)
  • Minor issues (style, documentation)

Output Format

## Summary
Shell script review findings

## Scripts Reviewed
- [list with line counts]

## Exit Code Issues
### [E1] Pipeline masks failure
- Location: script.sh:42
- Pattern: `cmd | grep` loses exit code
- Fix: Use pipefail or capture separately

## Portability Issues
[cross-platform concerns]

## Safety Issues
[unquoted variables, missing set flags]

## Recommendation
Approve / Approve with actions / Block

Exit Criteria

  • Exit code propagation verified
  • Portability issues documented
  • Safety patterns checked
  • Evidence logged