requesting-code-review
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local git commands including 'git rev-parse', 'git log', and 'git diff' to identify and inspect code changes. The 'code-reviewer.md' template interpolates variables like '{BASE_SHA}' and '{HEAD_SHA}' directly into shell commands, which could lead to command injection if the input strings are manipulated by a malicious user or script.
- [PROMPT_INJECTION]: The reviewer subagent is susceptible to indirect prompt injection where instructions hidden within the source code or documentation files being reviewed could override the reviewer's logic.
  - Ingestion points: Data enters the subagent through the '{WHAT_WAS_IMPLEMENTED}' and '{PLAN_REFERENCE}' placeholders and the raw output of 'git diff'.
  - Boundary markers: The skill uses markdown headers to organize sections but lacks clear delimiters or instructions that warn the agent to ignore commands within the provided content.
  - Capability inventory: The agent has the ability to execute shell commands ('git diff') and generate production-readiness verdicts.
  - Sanitization: No sanitization or validation of the input variables or the code content is performed before processing.
Audit Metadata