multi-provider-adversarial-review

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the terminal tool to automate interactions with the local filesystem, Git, the GitHub CLI (gh), and external review tools (codex, gemini). These commands are essential for fetching code diffs, creating temporary review artifacts, and posting findings back to the user's repository.
  • [REMOTE_CODE_EXECUTION]: To handle the transfer of prompt content between different execution environments (such as sandboxed LLM execution vs. the local workspace), the skill uses Python one-liners executed via the terminal (e.g., python3 -c "...open().write()..."). This dynamic code generation is used specifically for robust file writing and to bypass shell escaping limitations with complex Markdown text.
  • [PROMPT_INJECTION]: The skill processes untrusted external data—specifically issue bodies and code diffs—by interpolating them into prompt templates for evaluation by other AI models.
  • Ingestion points: Data is ingested through git diff output and the content of GitHub issues as specified in SKILL.md (e.g., # [Full background], [Complete plan content]).
  • Boundary markers: The prompt templates use Markdown headers (like ## The Plan and ## Context) to separate user-provided content from instructions, providing a minimal but common delimiter.
  • Capability inventory: The agent can perform file system writes (terminal, execute_code), execute arbitrary shell commands, and interact with external services via gh and git based on the results of the reviews.
  • Sanitization: The skill instructions do not include explicit sanitization, escaping, or validation steps for the plans or code diffs before they are embedded into the reviewer's prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 22, 2026, 08:42 PM
Security Audit — agent-trust-hub — multi-provider-adversarial-review