skills/nvidia/nemoclaw/find-review-pr/Gen Agent Trust Hub

find-review-pr

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses the GitHub CLI (gh) to perform read-only operations (list and view) on pull requests. This is consistent with the skill's stated purpose of repository management and does not pose a security risk.
  • [SAFE]: No hardcoded credentials or sensitive file paths (e.g., .env, .ssh/id_rsa) are accessed or exposed by the skill.
  • [SAFE]: The skill ingests untrusted data from GitHub PR bodies and titles in SKILL.md. Boundary markers are absent. Capability inventory is restricted to gh CLI read-only metadata retrieval. No explicit sanitization is performed. The risk is assessed as safe due to the non-executable nature of the reporting output.
  • [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation patterns were identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 04:30 AM