The Agent Skills Directory

[SAFE]: The skill instructions and research provenance documentation contain no malicious patterns, obfuscation, or unauthorized access attempts. All instructions are dedicated to the legitimate task of reviewing operational procedures.\n- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) as it is designed to ingest and analyze untrusted external documentation (runbooks, architecture designs, etc.). Evidence Chain: 1. Ingestion points: Processes user-provided text files and documents as described in Step 1 of the Workflow. 2. Boundary markers: Absent; there are no explicit delimiters or safety instructions provided to the agent to isolate the untrusted content. 3. Capability inventory: The skill does not instruct the agent to use any tools, execute shell commands, perform network operations, or write to the file system. 4. Sanitization: Absent. Although a surface exists, the risk is negligible because the skill lacks the capabilities to perform dangerous actions even if the verdict logic is manipulated.\n- [NO_CODE]: The skill consists solely of markdown instructions. No Python packages, Node.js packages, or binary dependencies are included or referenced for execution.

reviewing-release-runbook