review

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform local repository operations and static analysis during the review process. Evidence: In SKILL.md and review-changes/doc.md, the agent is instructed to use git diff to identify changes, grep to scan for hardcoded secrets, and npx to run established tools like eslint, tsc, and prettier for code validation. These operations are consistent with the skill's stated purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted source code and pull request data, which presents a surface for indirect prompt injection via instructions embedded in code comments or metadata.
      1. Ingestion points: The skill ingests data via git diff and the Read tool, as seen in SKILL.md and review-changes/doc.md.
      2. Boundary markers: No explicit delimiters are defined in the instructions to separate untrusted code content from agent instructions.
      3. Capability inventory: The skill has access to Bash for shell execution and the Task tool for delegating tasks to sub-agents.
      4. Sanitization: The instructions do not specify any sanitization or filtering of the code content before analysis.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 16, 2026, 07:24 AM