code-review
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection Surface: The skill is designed to process untrusted data from pull request descriptions and GitHub issues, which could potentially contain instructions intended to influence the agent's behavior.
  * Ingestion points: External data is fetched during Step 2 of the review process, including PR descriptions and linked issues.
  * Boundary markers: The instructions guide the agent to perform an independent code assessment before being exposed to the PR narrative, which provides a conceptual boundary, though no technical delimiters (like XML tags) are specified for the untrusted text.
  * Capability inventory: The skill utilizes `git` and `grep` for local repository analysis and the `gh` CLI for interacting with the GitHub API.
  * Sanitization: The skill relies on the agent's skepticism and manual verification process rather than programmatic sanitization or escaping of retrieved content.
- Command Execution: The skill employs standard development tools including `git`, `grep`, and the GitHub CLI (`gh`). These tools are used for their intended purposes—gathering repository context, searching for code patterns, and verifying API approvals—which are consistent with the skill's primary function.
Audit Metadata