The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses dynamic context injection in SKILL.md to execute git diff and git log when the skill is loaded. These commands are used to provide the AI with context about the pull request being reviewed. These commands do not process user-provided arguments, mitigating command injection risks.
[SAFE]: The skill presents an indirect prompt injection surface as it is intended to process and review external code. Evidence Chain: (1) Ingestion points: SKILL.md via dynamic git context injection and general code review tasks. (2) Boundary markers: Absent. (3) Capability inventory: No file-write, network-send, or dynamic code execution capabilities were found. (4) Sanitization: Absent. The risk is considered negligible given the skill's lack of dangerous capabilities and its intended purpose as a security audit tool.
[SAFE]: The reference files (references/pr-review-guide.md and references/review-checklist.md) contain educational examples and best practices for identifying security vulnerabilities (like SQL injection) in other code, which reinforces the skill's safe and beneficial purpose.
[SAFE]: No obfuscation, hardcoded credentials, or suspicious remote dependencies were identified in the skill files.

code-reviewer