The Agent Skills Directory

[SAFE]: The skill consists entirely of markdown-based instructions for an AI agent to perform code reviews. It does not contain any executable scripts, shell commands, or network-enabled operations.
[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted data from code diffs and PR comments. Ingestion points: Code diff blocks and external reviewer comments mentioned in the 'PR Review Mode' section of SKILL.md. Boundary markers: The skill does not define explicit delimiters or escaping mechanisms to isolate the audited code from the agent's instructions. Capability inventory: The agent is expected to use file reading tools and version control systems to retrieve diffs and full file contexts. Sanitization: No explicit sanitization of the input diff data is described. However, the risk is mitigated by the instruction for the agent to specifically audit for security vulnerabilities within the processed content.
[SAFE]: The metadata identifies the author and a source repository (github.com/rajivpant/synthesis-skills) that matches the provided vendor context. No deceptive metadata or suspicious redirects were identified.

synthesis-code-audit