skills/ahgraber/skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands including git diff, git log, and git shortlog to gather information about code changes and project history. These commands are used locally to extract repository metadata and do not involve unauthorized network operations.
  • [SAFE]: External references for best practices point to well-known and established domains such as GitHub, Google, and Microsoft.
  • [SAFE]: The skill includes explicit instructions to avoid modifying code unless specifically requested by the user, adhering to the principle of user oversight.
  • [PROMPT_INJECTION]: The skill processes untrusted code and diffs, which represents a potential surface for indirect prompt injection.
      • Ingestion points: Code changes and file contents are ingested through git commands and MCP tool calls.
      • Boundary markers: The instructions do not specify the use of delimiters for untrusted code, but they constrain the agent to objective review criteria.
      • Capability inventory: The agent can execute git commands, call MCP tools, and modify files upon user request.
      • Sanitization: No specific sanitization or filtering of the code content is implemented. This risk is assessed as safe given it is inherent to the intended functionality of code review and is mitigated by behavioral constraints.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 05:43 PM