skills/getsentry/xcodebuildmcp/warden/Gen Agent Trust Hub

warden

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for using the warden CLI tool to perform code analysis, manage configuration (init), and set up GitHub integrations (setup-app).
  • [EXTERNAL_DOWNLOADS]: The tool facilitates fetching and synchronizing analysis modules ('skills') from external GitHub repositories using the add --remote and sync commands. These operations target well-known services (GitHub) as part of the tool's core extension mechanism.
  • [CREDENTIALS_UNSAFE]: Documentation describes standard practices for managing credentials, including the use of environment variables for API keys and a manifest flow for GitHub App creation. No hardcoded secrets or unsafe storage practices were detected.
  • [PROMPT_INJECTION]: As a tool that processes untrusted code changes from local files and pull requests, there is an inherent surface for indirect prompt injection. Malicious instructions embedded in the analyzed code (e.g., in comments or documentation) could attempt to influence the agent's behavior during the review process.
      • Ingestion points: The tool reads uncommitted changes, specific files, and git diffs for analysis.
      • Boundary markers: No explicit instructions are provided to wrap processed data in delimiters or include 'ignore instructions' warnings in the provided documentation.
      • Capability inventory: The tool supports automated fixes (--fix) and mentions that custom skills may utilize powerful tools such as Bash, Write, and Edit via the agent runtime.
      • Sanitization: No specific content sanitization or validation logic for the code being analyzed is described in the references.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 03:42 AM