senior-code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it incorporates external, untrusted code and diffs into its context without sanitization.
- Ingestion points: Untrusted data enters via git diff, git log, and source file reading as defined in SKILL.md.
- Boundary markers: Absent. The instructions do not mandate the use of delimiters or 'ignore' instructions for the data being processed.
- Capability inventory: The skill executes git shell commands and performs local file system reads.
- Sanitization: Absent. No evidence of input escaping or instruction filtering for the reviewed content.
- [COMMAND_EXECUTION]: The skill executes git commands using parameters like branch names and file paths provided by the user, which is a standard but noteworthy capability for a code review assistant.
Audit Metadata