Skip to main content

Review Agent Governance

Plugin Verified Active
Part of:Claude Code Plugins

Require a human approval signal before an AI agent can post PR reviews, comments, merges, or writes to CI config. Cedar-gated, receipt-signed, designed for the Hermes-style failure mode where a review bot posts without oversight.

1 Skill 0 MCPs
Purpose

To prevent AI agents from making unauthorized or erroneous changes to code reviews, PRs, or CI configurations by requiring explicit human approval and providing a cryptographically verifiable audit trail.

Features

  • Mandatory human approval for review-surface actions
  • Cedar policy for declarative gating
  • Ed25519-signed receipts for auditability
  • Slash commands and flag files for approval windows
  • Automatic denial of unauthorized actions

Use Cases

  • Ensuring human oversight on AI-generated PR reviews.
  • Preventing AI agents from merging code without explicit human sign-off.
  • Auditing all AI agent actions on code review surfaces.
  • Controlling AI agent modifications to CI/CD workflow files.

Non-Goals

  • General policy enforcement for all tool calls (use `protect-mcp` for this).
  • Replacing the need for human review entirely.
  • Automating the approval process itself.

Installation

First, add the marketplace

/plugin marketplace add wshobson/agents
/plugin install review-agent-governance@claude-code-workflows

Contains 1 extensions

Skill (1)

Review Agent Setup Skill

Configure human-in-the-loop gating for AI agent review actions in Claude Code. Use when setting up a project where an agent may post PR reviews, comments, merges, or edit CI configuration, and you want a cryptographically auditable approval trail with Cedar-enforced gates.

Quality Score

Verified
99 /100
Analyzed 2 days ago

Trust Signals

Last commit4 days ago
GitHub owner wshobson (opens in new tab)
Stars35.3k
LicenseMIT
Websitesethhobson.com(opens in new tab)
Status
View Source

Similar Extensions

Dotforge

100

Node.js 20+ with Express/Fastify, TypeScript, and ESM module rules for Claude Code.

Plugin
luiseiman

Protect Mcp

98

Cedar policy enforcement + Ed25519 signed receipts for every Claude Code tool call. First cryptographic governance plugin — receipts independently verifiable offline.

Plugin
wshobson

HubSpot Admin Skills

99

Complete HubSpot CRM administration toolkit — audit, clean, enrich, segment, automate, and maintain your database

Plugin
TomGranot

Performance Testing Review

99

Performance analysis, test coverage review, and AI-powered code quality assessment

Plugin
wshobson

Comprehensive Review

99

Multi-perspective code analysis covering architecture, security, and best practices

Plugin
wshobson

Skill Improver

99

Automatically reviews and fixes Claude Code skills through iterative refinement until they meet quality standards. Requires plugin-dev plugin.

Plugin
trailofbits

© 2025 SkillRepo · Find the right skill, skip the noise.