The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified.
[COMMAND_EXECUTION]: The skill references using grep for codebase searches and the GitHub CLI (gh api) for replying to review comments. These tools are used within their intended scope for code review tasks and are not used to perform unauthorized operations.
[INDIRECT_PROMPT_INJECTION]: The skill's primary function involves processing external code review feedback, which is an untrusted data source. It includes a specific verification framework (Ingestion points: reviewer comments; Boundary markers: absent; Capability inventory: grep and gh api; Sanitization: manual technical verification) that instructs the agent to check suggestions against the codebase and push back on incorrect advice, mitigating the risk of following malicious instructions embedded in reviews.

receiving-code-review