The Agent Skills Directory

[COMMAND_EXECUTION]: Executes local git commands such as git diff and git diff --numstat, and GitHub CLI commands like gh pr diff to retrieve code changes for analysis.
[COMMAND_EXECUTION]: Runs internal Python utility scripts (scripts/diff_stats.py and scripts/generate_html_report.py) to process diff metadata and transform Markdown reports into styled HTML files.
[PROMPT_INJECTION]: Subject to indirect prompt injection risks common in tools that process untrusted external data. Malicious instructions could be embedded within code comments or logic in the git diff to influence the agent's review verdict.
Ingestion points: The skill reads git diff outputs and PR diffs into the agent context via shell command execution as defined in SKILL.md.
Boundary markers: While the agent is instructed to focus on the diff, no specific structural delimiters or warnings are used to isolate untrusted code from the agent's instructions during the analysis phase.
Capability inventory: The skill can execute shell commands for repository operations and write files to the .reviews/ directory.
Sanitization: The generate_html_report.py script performs HTML escaping and sanitizes Markdown code block language tags to prevent Cross-Site Scripting (XSS) in the final HTML report.
[SAFE]: Loads syntax highlighting assets from Cloudflare's cdnjs, which is a well-known and trusted service.

code-review