review-security
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a comprehensive security reference and workflow tool, educating and guiding the agent through complex security audits using 20 distinct pattern libraries.
- [SAFE]: All shell commands and tool usages (git, gh) are standard for source code analysis and are used solely to scope the review based on the user's project context.
- [SAFE]: The skill contains extensive documentation on 'Red Flags' and vulnerable patterns (e.g., RCE, injection, buffer overflows), but these are provided as educational reference material and do not represent executable malicious payloads within the skill itself.
- [SAFE]: The 'Adversarial pass' step uses the Agent tool to perform a deep-dive analysis, which is a common and legitimate pattern for enhancing the agent's reasoning capabilities during a security audit.
- [SAFE]: No obfuscation, hardcoded credentials, or unauthorized data exfiltration patterns were found in the skill's instructions or supporting markdown files.
Audit Metadata