The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool to execute standard security and development commands, including git, gh, npm audit, pip audit, and semgrep. These operations are well-known utilities appropriate for the skill's stated purpose of security review.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external, untrusted code diffs and pull request data. Ingestion points: Untrusted data enters the context via git diff and gh pr diff commands as specified in SKILL.md. Boundary markers: The instructions lack explicit boundary markers or directions to ignore embedded instructions within the ingested diff content. Capability inventory: The skill allows access to Bash, Write, Edit, Glob, Grep, and Read tools. Sanitization: No evidence of content sanitization or validation of the diff data before it is processed by the agent.

differential-review