review-automation-orchestrator
$
npx mdskill add TencentCloudBase/CloudBase-MCP/review-automation-orchestratorCoordinates periodic repository reviews and dispatches findings to appropriate reviewers
- Schedules and runs repository reviews for API contracts, documentation, code quality, and CloudBase skills
- Leverages review skills, escalation rules, and automation tools for analysis
- Routes findings to correct reviewers based on severity, type, and risk profile
- Aggregates results into reports, issues, or corrective pull requests for action
SKILL.md
.github/skills/review-automation-orchestratorView on GitHub ↗
--- name: review-automation-orchestrator description: Use when running or scheduling periodic repository review cycles that must dispatch the correct reviewer, aggregate findings, and escalate outcomes into reports, issues, or corrective PRs across API contracts, documentation freshness, code quality, and CloudBase skill quality. alwaysApply: false --- # Review Automation Orchestrator Coordinate recurring repository review work without turning one skill into every reviewer at once. ## When to use this skill Use this skill when you need to: - Run a periodic repository review across several quality dimensions - Decide which specialized review skill should own each finding type - Aggregate review results into one report with clear escalation - Convert high-confidence, low-risk findings into corrective PRs when feasible - Configure or run a scheduled review cycle without duplicating the underlying reviewer logic **Do NOT use for:** - Acting as the primary reviewer for API contracts, docs, or code quality by itself - Replacing the existing CloudBase skill review flow under `skill-authoring` - Fixing a single known issue without a broader review cycle - Merging PRs or making final release decisions ## Workflow ### Phase 1 — Define the run 1. Clarify whether the run is one-time or periodic. 2. Define the review surfaces and target outputs: - report only - issue + report - fix + PR 3. Read `references/escalation-matrix.md` before dispatching work. ### Phase 2 — Dispatch to the right reviewer Route by finding type, not by convenience: - CloudBase API contract correctness → `api-contract-review` - Published docs and README drift → `doc-freshness-review` - Broad code hygiene and proactive repository health → `codebase-audit` - Existing open PR triage and repair → `pr-review-fix` - CloudBase source skill quality under `config/source/skills` → `skill-authoring`, then load `references/repo-skill-review.md` and `references/cloudbase-skill-review.md` Do not create a redundant top-level CloudBase skill reviewer when the existing `skill-authoring` flow already covers it. ### Phase 3 — Normalize findings 1. Deduplicate overlaps between reviewers. 2. Normalize each finding with: - scope - severity - confidence - smallest useful fix batch - recommended action from the escalation matrix 3. Keep reports readable: separate API, docs, code, and skill findings. ### Phase 4 — Escalate 1. Use `report only` for lower-confidence or lower-impact findings. 2. Use `issue + report` for confirmed but broader or riskier problems. 3. Use `fix + PR` when the finding is confirmed, mechanically fixable, and small enough for a focused review. 4. Prefer concrete PRs over issue-only churn when the path is already clear and low-risk. ### Phase 5 — Scheduling discipline 1. If the user asks for recurrence, create automation that runs the review cycle and stores the task prompt separately from schedule details. 2. Keep the scheduled prompt short and routing-focused. 3. Do not duplicate reviewer checklists inside the automation definition. ## Routing | Task | Read | | --- | --- | | Decide escalation from severity and confidence | `references/escalation-matrix.md` | | Review CloudBase API contract correctness | `api-contract-review` | | Review doc and README drift | `doc-freshness-review` | | Run broad repository code review | `codebase-audit` | | Repair existing PRs after review | `pr-review-fix` | | Review CloudBase source skills | `skill-authoring` | ## Evaluation prompts ### Should-trigger 1. Run a weekly repository review that checks CloudBase API contracts, docs freshness, and skill quality, then decide what should become PRs. 2. Help me set up a periodic review flow that routes findings to the right reviewer and escalates only the high-confidence fixes. 3. Aggregate findings from code, docs, and CloudBase skill review into one actionable maintenance report. ### Should-not-trigger 1. Review this one MCP tool for parameter casing errors. 2. Audit `doc/` for stale links and missing files. 3. Rewrite a CloudBase source skill description to improve its trigger wording. ## Minimum self-check - Did I dispatch each finding class to the correct specialized reviewer? - Did I reuse `skill-authoring` for CloudBase skill review instead of inventing a duplicate flow? - Did I normalize findings by severity, confidence, and smallest useful fix batch? - Did I choose report, issue, or PR based on evidence rather than habit? - If the run is periodic, did I keep the automation prompt focused on routing instead of embedding whole checklists?
More from TencentCloudBase/CloudBase-MCP
- ai-model-nodejsUse this skill for Node.js backend AI via @cloudbase/node-sdk (>=3.16.0) — cloud functions, CloudRun, Express, Koa, NestJS, serverless APIs, scheduled jobs, LLM proxies. Only SDK supporting image generation (ai.createImageModel + generateImage). Text models via ai.createModel with groups cloudbase, hunyuan-exp, or custom-*. Model IDs (deepseek-v4-flash, deepseek-v3.2, hunyuan-2.0-instruct-20251111, glm-5, kimi-k2.6) go in the model field of generateText/streamText. MUST run two-step preflight before code — see body. Keywords: backend, 云函数, 云托管, serverless, LLM proxy, agent orchestration, generateText, streamText, generateImage, createModel, hunyuan-image, Token Credits, TokenHub, Hunyuan, DeepSeek, GLM, Kimi, MiniMax. NOT for browser/Web (use ai-model-web) or Mini Program (use ai-model-wechat).
- ai-model-webUse this skill when a browser/Web app (React, Vue, Angular, Next, Nuxt, static sites, SPAs, dashboards, AI chat UI) needs AI models via @cloudbase/js-sdk. Default routing for page/页面/Web/前端/frontend/网页/H5 AI — call directly from browser, do NOT propose a Node.js proxy. Covers generateText and streamText. Models via ai.createModel with groups cloudbase, hunyuan-exp, or custom-*. Model IDs (deepseek-v4-flash, deepseek-v3.2, hunyuan-2.0-instruct-20251111, glm-5, kimi-k2.6) go in the model field. MUST run two-step preflight before code — see body. Keywords: 页面, Web, 前端, React, Vue, Next, Nuxt, SPA, AI chat UI, generateText, streamText, createModel, hunyuan-exp, Token Credits, TokenHub, Hunyuan, DeepSeek, GLM, Kimi, MiniMax. NOT for Node.js backend (use ai-model-nodejs), Mini Program (use ai-model-wechat), or image generation (Node SDK only).
- ai-model-wechatUse this skill for WeChat Mini Program AI via wx.cloud.extend.AI (小程序, 企业微信小程序, wx.cloud apps). Features generateText and streamText with callbacks (onText, onEvent, onFinish). Models via wx.cloud.extend.AI.createModel with groups hunyuan-exp (小程序成长计划), cloudbase (main managed), or custom-*. Model IDs (deepseek-v4-flash, deepseek-v3.2, hunyuan-2.0-instruct-20251111, glm-5, kimi-k2.6) go in the data wrapper model field. API differs from JS/Node SDK — streamText needs data wrapper, generateText returns raw response. MUST run two-step preflight before code — see body. Keywords: Mini Program AI, wx.cloud.extend.AI, 小程序成长计划, ai_miniprogram_inspire_plan, Token Credits 资源包, generateText, streamText, createModel, hunyuan-exp, TokenHub, Hunyuan, DeepSeek, GLM, Kimi, MiniMax. NOT for browser/Web (use ai-model-web), Node.js backend (use ai-model-nodejs), or image generation (use ai-model-nodejs).
- api-contract-reviewUse when auditing CloudBase cloud API wrappers, MCP tools, generated action metadata, or related docs for outdated or incorrect action names, parameters, casing, request shapes, or missing contract tests, especially during periodic quality review or before preparing corrective PRs.
- auth-nodejs-cloudbaseCloudBase Node SDK auth guide for server-side identity, user lookup, and custom login tickets. This skill should be used when Node.js code must read caller identity, inspect end users, or bridge an existing user system into CloudBase; not when configuring providers or building client login UI.
- auth-tool-cloudbaseCloudBase auth provider configuration and login-readiness guide. This skill should be used when users need to inspect, enable, disable, or configure auth providers, publishable-key prerequisites, login methods, SMS/email sender setup, or other provider-side readiness before implementing a client or backend auth flow.
- auth-web-cloudbaseCloudBase Web Authentication Quick Guide for frontend integration after auth-tool has already been checked. Provides concise and practical Web authentication solutions with multiple login methods and complete user management.
- auth-wechat-miniprogramCloudBase WeChat Mini Program native authentication guide. This skill should be used when users need mini program identity handling, OPENID/UNIONID access, or `wx.cloud` auth behavior in projects where login is native and automatic.
- cloud-functionsCloudBase function runtime guide for building, deploying, and debugging your own Event Functions or HTTP Functions. This skill should be used when users need application runtime code on CloudBase, not when they are merely calling CloudBase official platform APIs.
- cloud-storage-webComplete guide for CloudBase cloud storage using Web SDK (@cloudbase/js-sdk) - upload, download, temporary URLs, file management, and best practices.