review
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted external data in the form of PR diffs and git logs.
  * Ingestion points: SKILL.md (via gh pr diff and git diff commands).
  * Boundary markers: Absent; the instructions do not specify the use of delimiters or provide explicit warnings to the agent to ignore instructions embedded within the code changes.
  * Capability inventory: Includes gh, git, find, mkdir, and the ao knowledge lookup tool.
  * Sanitization: None identified; the skill operates on the raw text of code diffs.
- [EXTERNAL_DOWNLOADS]: Reference documentation in references/BUG_SCANNER.md includes a shell command for downloading and executing an installation script for the UBS tool from an external third-party GitHub repository. This is presented as an example for CI/CD integration and is not executed automatically by the skill's main workflow.
- [COMMAND_EXECUTION]: The skill relies on standard command-line tools such as git, gh, find, and a local knowledge tool ao to gather context and perform code analysis. These operations are consistent with the skill's stated purpose of reviewing and auditing codebases.
Audit Metadata