skills/iliaal/ai-skills/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were detected. The skill utilizes standard, well-known developer tools such as git and the GitHub CLI (gh) to interact with repositories and fetch pull request data.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a project's test and lint suites by identifying canonical commands within the repository's CI configuration. This is a powerful but necessary capability for deep code verification and is performed within the context of the requested review.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface because it ingests untrusted data, including diffs, PR descriptions, and comments from external contributors (ingestion points). It lacks automated boundary markers for this data, but mitigates the risk by requiring an explicit adversarial red-team pass and by providing specific checklists for identifying LLM trust boundary violations (sanitization). The agent's capabilities include shell command execution through git, gh, and arbitrary test scripts found in the repository (capability inventory).
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 02:12 AM