The Agent Skills Directory

[SAFE]: The skill instructions are focused exclusively on performing code quality reviews using read-only local Git operations (git diff --cached).- [SAFE]: No network exfiltration, credential access, or unauthorized file system operations were identified. The tool's operations are confined to the local repository.- [INDIRECT_PROMPT_INJECTION]: The skill has an inherent attack surface for indirect prompt injection because its primary function is to process untrusted data (staged source code). A malicious actor could embed instructions within Ruby comments in an attempt to manipulate the review output. However, this is a common characteristic of code review tools, and the risk is minimal because the skill lacks the capabilities (e.g., network access) to execute harmful payloads.
Ingestion points: Staged Ruby file content retrieved via git diff --cached as described in the 'Review Process' of SKILL.md.
Boundary markers: Absent. The skill does not provide instructions to wrap the analyzed code in delimiters or explicitly tell the agent to ignore instructions embedded in the code.
Capability inventory: The skill uses Bash (for git/grep), Read, Grep, and Glob tools to identify and inspect files.
Sanitization: Absent. The raw file content is analyzed directly by the agent without filtering.

review-commit