The Agent Skills Directory

[SAFE]: No evidence of prompt injection, obfuscated malicious code, or unauthorized exfiltration was detected. The skill's operations are confined to the intended purpose of code review.
[INDIRECT_PROMPT_INJECTION]: The skill inherently possesses an indirect prompt injection surface as it is designed to process untrusted codebase content. Ingestion points: Files, planning documents, and search results within the repository (SKILL.md). Boundary markers: Absent; there are no explicit delimiters used to separate user-provided code from the agent's instructions. Capability inventory: The skill includes instructions for the agent to update documentation and roadmap files (SKILL.md). Sanitization: No validation or sanitization is performed on ingested codebase content before it is processed by the agent.

deep-codebase-review