review-comments

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes code review comments from untrusted external sources (GitHub UI, Copilot, subagents), which constitutes an indirect prompt injection surface. The risk is mitigated by explicit instructions to treat inputs as hypotheses rather than instructions, requiring independent verification against the codebase and official documentation before implementation.
  • [COMMAND_EXECUTION]: The utility script scripts/validate_handoff.py uses subprocess.run to execute git diff commands. The execution is handled safely using argument lists (avoiding shell interpolation) and includes rigorous path validation to ensure file access does not escape the repository root.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 06:17 PM