The Agent Skills Directory

[SAFE]: The skill does not perform any network operations, access sensitive system files, or download external dependencies. All operations are performed locally on code provided by the user for the purpose of review and development.
[INDIRECT_PROMPT_INJECTION]: As a code review tool, the skill naturally processes untrusted data in the form of Rust source code. This creates an inherent surface for indirect prompt injection where malicious instructions could be embedded in code comments or string literals. However, the skill lacks high-risk capabilities (like automated deployment or system modification) that would enable significant exploitation.
Ingestion points: User-provided Rust source code analyzed by the agent and the scripts/review.py utility.
Boundary markers: The skill expects code to be delimited by standard markdown blocks, though it does not explicitly instruct the agent to ignore embedded instructions in the source.
Capability inventory: The skill is limited to generating text-based advice and executing a local, pre-defined Python script for regex-based pattern matching.
Sanitization: There is no explicit sanitization of the input code, but the Python script uses safe regex operations on text without executing the content of the files it reads.

programming-with-rust