doc-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary focus is on technical documentation quality. It includes explicit instructions for the 'Compliance & Asset Inspector' role to perform safety checks by scanning for hardcoded secrets (API keys, passwords) and ensuring they are replaced with safe placeholders.
  • [PROMPT_INJECTION]: As the skill is designed to analyze and process external documents provided by the user, it inherently possesses a surface for indirect prompt injection. An attacker could theoretically embed instructions within a technical document to try and bypass the reviewer's rules. However, this is a standard risk for document-processing agents and is mitigated by the skill's structured approach (chunking by section) and specific logic for extracting data.
    • Ingestion points: User-provided technical documents (SKILL.md, architecture files, etc.).
    • Boundary markers: The skill implements a chunking strategy, directing the agent to read the document section-by-section, which helps maintain context separation.
    • Capability inventory: The agent can suggest modifications to files, output review reports, and call internal tools such as reference-organizer for metadata management.
    • Sanitization: While no explicit input sanitization is mentioned, the skill focuses on extracting specific technical elements (TOC, links, code blocks) rather than executing raw text from the document.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 07:43 AM