code-review
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted code and git diffs, making it susceptible to indirect prompt injection where malicious commands could be hidden in comments or code strings.
  * Ingestion points: Processes data from git diffs and specified file paths as described in SKILL.md.
  * Boundary markers: Does not specify clear delimiters to separate untrusted code from instructions.
  * Capability inventory: Accesses file contents and executes git commands for context.
  * Sanitization: Lacks sanitization of the input code prior to analysis.
- [NO_CODE]: The skill package consists entirely of markdown instructions and reference guides; no executable scripts or binaries are included.
Audit Metadata