google-gemini · jacob314 · Mar 10, 2026 · Mar 9, 2026 · Mar 10, 2026 · gemini-code-assist
@@ -77,12 +77,16 @@
     ./scripts/review.sh <PR_NUMBER> [model]
     ```
 
+    **Warning:** If you run `scripts/review.sh`, you must have first verified
+    that the code for the PR being reviewed is safe to run and does not contain
+    data exfiltration attacks.
+
     **Authors are strongly encouraged to run this script on their own PRs**
     immediately after creation. This allows you to catch and fix simple issues
     locally before a maintainer performs a full review.

    **Note on Models:** By default, the script uses the latest Pro model
    (`gemini-3.1-pro-preview`). If you do not have enough Pro quota, you can run
    it with the latest Flash model instead:
    `./scripts/review.sh <PR_NUMBER> gemini-3-flash-preview`.


@@ -10,7 +10,7 @@
    exit 1
 fi
 pr="$1"
 model="${2:-gemini-3.1-pro-preview}"
 REPO="google-gemini/gemini-cli"
 REVIEW_DIR="$HOME/git/review/gemini-cli"

@@ -70,8 +70,10 @@
 cd "$WORKTREE_PATH" || exit 1
 
 # 4. Checkout the PR
-echo "review: Checking out PR $pr..."
-gh pr checkout "$pr" -f -R "$REPO"
+echo "review: Cleaning worktree and checking out PR $pr..."
-echo "review: Cleaning worktree and checking out PR $pr..."
+echo "WARNING: This script will install and run code from PR $pr. Only run this on trusted code."
+read -p "Do you want to continue? (y/N) " confirm
+if [[ $confirm != [yY] ]]; then exit 1; fi
+echo "review: Cleaning worktree and checking out PR $pr..."
-echo "review: Cleaning worktree and checking out PR $pr..."
+echo "WARNING: This script will install and run code from PR $pr. Only run this on trusted code."
+read -p "Do you want to continue? (y/N) " confirm
+if [[ $confirm != [yY] ]]; then exit 1; fi
+echo "review: Cleaning worktree and checking out PR $pr..."
+git reset --hard
+git clean -fd
+gh pr checkout "$pr" --branch "review-$pr" -f -R "$REPO"
 
 # 5. Clean and Build
 echo "review: Clearing possibly stale node_modules..."