submit-github-review
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseSubmit GitHub Review Skill
GitHub代码审查提交Skill
An output skill that submits code review findings to GitHub via the API. This is the final step in the review pipeline, posting the review to the PR.
这是一款输出型Skill,可通过API将代码审查结果提交至GitHub。它是审查流水线的最后一步,负责将审查内容发布到PR中。
Role
职责
- Format: Transform review findings into GitHub review format
- Submit: Post the review via GitHub API
- Annotate: Add inline comments to specific lines
- 格式转换:将审查结果转换为GitHub审查格式
- 提交审查:通过GitHub API提交审查内容
- 添加注释:为特定代码行添加内联注释
Inputs
输入参数
| Input | Required | Description |
|---|---|---|
| Yes | Repository owner (username or organization) |
| Yes | Repository name |
| Yes | Pull Request number |
| Yes | SHA of the commit to review (from retrieve-diff-from-github-pr) |
| Yes | Array of review findings from specialist skills |
| Optional | APPROVE, REQUEST_CHANGES, or COMMENT (default: COMMENT) |
| 输入项 | 是否必填 | 描述 |
|---|---|---|
| 是 | 仓库所有者(用户名或组织) |
| 是 | 仓库名称 |
| 是 | 拉取请求(PR)编号 |
| 是 | 待审查提交的SHA值(来自retrieve-diff-from-github-pr) |
| 是 | 来自专业Skill的审查结果数组 |
| 可选 | APPROVE、REQUEST_CHANGES或COMMENT(默认值:COMMENT) |
Outputs
输出结果
| Output | Description |
|---|---|
| ID of the created review |
| URL to view the review |
| Number of inline comments posted |
| 输出项 | 描述 |
|---|---|
| 创建的审查ID |
| 查看审查的URL |
| 已发布的内联注释数量 |
Required MCP Tools
所需MCP工具
This skill uses the GitHub MCP server with:
| Tool | Purpose |
|---|---|
| Submit the review with body and inline comments |
本Skill使用GitHub MCP服务器及以下工具:
| 工具 | 用途 |
|---|---|
| 提交包含正文和内联注释的审查 |
Step 1: Aggregate Findings
步骤1:汇总审查结果
Collect all findings from specialist skills:
json
{
"findings": [
{
"severity": "blocker",
"category": "security",
"evidence": {
"file": "src/auth/login.ts",
"line": 42,
"snippet": "password = req.body.password"
},
"impact": "Password logged in plaintext",
"fix": "Remove logging or hash before logging",
"test": "Check logs for sensitive data"
}
]
}收集来自所有专业Skill的审查结果:
json
{
"findings": [
{
"severity": "blocker",
"category": "security",
"evidence": {
"file": "src/auth/login.ts",
"line": 42,
"snippet": "password = req.body.password"
},
"impact": "Password logged in plaintext",
"fix": "Remove logging or hash before logging",
"test": "Check logs for sensitive data"
}
]
}Step 2: Determine Review Event
步骤2:确定审查操作
Based on findings severity, determine the review action:
| Findings | Event | Rationale |
|---|---|---|
| Any blocker | | PR should not be merged |
| Any major | | Significant issues need fixing |
| Only minor/nit | | Suggestions, not blocking |
| No issues | | PR looks good |
根据审查结果的严重程度,确定审查操作:
| 审查结果 | 操作 | 理由 |
|---|---|---|
| 存在blocker级问题 | | PR不应被合并 |
| 存在major级问题 | | 重大问题需要修复 |
| 仅存在minor/nit级问题 | | 仅为建议,不阻止合并 |
| 无问题 | | PR符合要求 |
Step 3: Format Review Body
步骤3:格式化审查正文
Create the review summary:
markdown
undefined创建审查总结:
markdown
undefinedCode Review Summary
Code Review Summary
🔴 Blockers (X)
🔴 Blockers (X)
| File | Line | Issue |
|---|---|---|
| src/auth/login.ts | 42 | SQL injection vulnerability |
| File | Line | Issue |
|---|---|---|
| src/auth/login.ts | 42 | SQL injection vulnerability |
🟡 Major (X)
🟡 Major (X)
| File | Line | Issue |
|---|---|---|
| src/api/users.ts | 15 | Missing error handling |
| File | Line | Issue |
|---|---|---|
| src/api/users.ts | 15 | Missing error handling |
🔵 Minor (X)
🔵 Minor (X)
- Consider adding JSDoc to public functions
- Unused import on line 3
- Consider adding JSDoc to public functions
- Unused import on line 3
📋 Nits (X)
📋 Nits (X)
- Formatting: extra blank line at EOF
Reviewed by codereview-skills
undefined- Formatting: extra blank line at EOF
Reviewed by codereview-skills
undefinedStep 4: Format Inline Comments
步骤4:格式化内联注释
Convert findings to GitHub inline comments:
json
{
"comments": [
{
"path": "src/auth/login.ts",
"line": 42,
"body": "🔴 **Security**: SQL injection vulnerability\n\n```suggestion\nconst user = await db.query('SELECT * FROM users WHERE id = ?', [userId]);\n```\n\n**Impact**: Attacker can execute arbitrary SQL\n**Fix**: Use parameterized queries"
}
]
}将审查结果转换为GitHub内联注释:
json
{
"comments": [
{
"path": "src/auth/login.ts",
"line": 42,
"body": "🔴 **Security**: SQL injection vulnerability\n\n```suggestion\nconst user = await db.query('SELECT * FROM users WHERE id = ?', [userId]);\n```\n\n**Impact**: Attacker can execute arbitrary SQL\n**Fix**: Use parameterized queries"
}
]
}Comment Format
注释格式
markdown
<severity_emoji> **<category>**: <title>
<description>
```suggestion
<suggested fix if applicable>Impact: <what breaks or the risk>
Fix: <how to fix it>
Severity emojis:
- 🔴 Blocker
- 🟡 Major
- 🔵 Minor
- ⚪ Nitmarkdown
<severity_emoji> **<category>**: <title>
<description>
```suggestion
<suggested fix if applicable>Impact: <what breaks or the risk>
Fix: <how to fix it>
严重程度表情:
- 🔴 Blocker
- 🟡 Major
- 🔵 Minor
- ⚪ NitStep 5: Submit Review
步骤5:提交审查
Use the GitHub MCP tool:
json
{
"tool": "create_pull_request_review",
"server": "user-github",
"arguments": {
"owner": "<owner>",
"repo": "<repo>",
"pull_number": <number>,
"commit_id": "<sha>",
"body": "<review summary>",
"event": "REQUEST_CHANGES",
"comments": [
{
"path": "src/auth/login.ts",
"line": 42,
"body": "🔴 **Security**: SQL injection..."
}
]
}
}使用GitHub MCP工具:
json
{
"tool": "create_pull_request_review",
"server": "user-github",
"arguments": {
"owner": "<owner>",
"repo": "<repo>",
"pull_number": <number>,
"commit_id": "<sha>",
"body": "<review summary>",
"event": "REQUEST_CHANGES",
"comments": [
{
"path": "src/auth/login.ts",
"line": 42,
"body": "🔴 **Security**: SQL injection..."
}
]
}
}Output Format
输出格式
json
{
"status": "success",
"review": {
"id": 12345,
"url": "https://github.com/owner/repo/pull/123#pullrequestreview-12345",
"event": "REQUEST_CHANGES",
"body": "## Code Review Summary...",
"comments_count": 5
},
"summary": {
"blockers": 1,
"major": 2,
"minor": 3,
"nits": 2,
"total": 8
}
}json
{
"status": "success",
"review": {
"id": 12345,
"url": "https://github.com/owner/repo/pull/123#pullrequestreview-12345",
"event": "REQUEST_CHANGES",
"body": "## Code Review Summary...",
"comments_count": 5
},
"summary": {
"blockers": 1,
"major": 2,
"minor": 3,
"nits": 2,
"total": 8
}
}Full Pipeline Integration
完整流水线集成
This skill is the final step in the review pipeline:
1. retrieve-diff-from-github-pr
↓ (PR info + diff + commit_id)
2. codereview-orchestrator
↓ (triage + routing plan)
3. Specialist skills (parallel or sequential)
↓ (findings array)
4. submit-github-review (this skill)
↓ (posted review)
5. Return URL to user本Skill是审查流水线的最后一步:
1. retrieve-diff-from-github-pr
↓ (PR info + diff + commit_id)
2. codereview-orchestrator
↓ (triage + routing plan)
3. Specialist skills (parallel or sequential)
↓ (findings array)
4. submit-github-review (this skill)
↓ (posted review)
5. Return URL to userQuick Reference
快速参考
□ Aggregate Findings
□ Collect from all specialist skills
□ Deduplicate if needed
□ Determine Event
□ Any blockers/major → REQUEST_CHANGES
□ Only minor/nit → COMMENT
□ No issues → APPROVE
□ Format Body
□ Summary with severity breakdown
□ Table of issues by severity
□ Format Comments
□ Convert findings to inline comments
□ Use line numbers from evidence
□ Submit Review
□ Call create_pull_request_review
□ Return review URL□ Aggregate Findings
□ Collect from all specialist skills
□ Deduplicate if needed
□ Determine Event
□ Any blockers/major → REQUEST_CHANGES
□ Only minor/nit → COMMENT
□ No issues → APPROVE
□ Format Body
□ Summary with severity breakdown
□ Table of issues by severity
□ Format Comments
□ Convert findings to inline comments
□ Use line numbers from evidence
□ Submit Review
□ Call create_pull_request_review
□ Return review URLError Handling
错误处理
| Error | Cause | Resolution |
|---|---|---|
| 422 Invalid | Line doesn't exist in diff | Use position instead of line |
| 404 Not Found | PR or commit doesn't exist | Verify PR number and commit SHA |
| 403 Forbidden | No permission to review | Check GitHub token permissions |
| 错误 | 原因 | 解决方法 |
|---|---|---|
| 422 Invalid | 代码行在diff中不存在 | 使用position替代line |
| 404 Not Found | PR或提交不存在 | 验证PR编号和提交SHA值 |
| 403 Forbidden | 无审查权限 | 检查GitHub令牌权限 |
Tips
提示
- Commit ID: Always use the head commit SHA from
retrieve-diff-from-github-pr - Line vs Position: refers to the line in the new file,
linerefers to the position in the diff hunkposition - Batch Comments: Submit all comments in one review to avoid notification spam
- Suggestion Blocks: Use GitHub's suggestion syntax for easy one-click fixes
- Commit ID:始终使用返回的头部提交SHA值
retrieve-diff-from-github-pr - Line vs Position:指新文件中的行号,
line指diff块中的位置position - 批量注释:在一次审查中提交所有注释,避免通知轰炸
- 建议块:使用GitHub的建议语法实现一键修复