review-changes

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is a specialized development utility focused on code quality assurance and adherence to project standards.
  • [COMMAND_EXECUTION]: The skill utilizes local shell commands such as git status and git diff to identify uncommitted changes. It also executes a local Python script (.claude/scripts/code_graph) for dependency mapping and blast radius analysis. These operations are appropriate for a code review tool and are restricted to the local filesystem.
  • [DATA_EXFILTRATION]: All data processing remains within the local repository environment. The skill reads local source files and documentation, exporting its findings to reports stored in the plans/reports/ directory. No network activity or external exfiltration patterns were detected.
  • [PROMPT_INJECTION]: The skill uses forceful instructional markers (e.g., 'MANDATORY IMPORTANT MUST ATTENTION') to guide the agent through its review protocol. It also acknowledges the surface risk of indirect prompt injection (Category 8) when processing untrusted diff data:
      1. Ingestion points: reads uncommitted changes via git diff and project source files.
      2. Boundary markers: utilizes structured markdown reporting and procedural gates.
      3. Capability inventory: executes local commands, writes files, and spawns sub-agents.
      4. Sanitization: mitigates risk by enforcing a skeptical review mindset and requiring 'file:line' evidence for all findings.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 07:39 AM