The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes several 'gh' CLI commands and 'git' operations to view PR details, check mergeability, manage branches, and perform rebases. These are standard operations for a PR review agent.
[EXTERNAL_DOWNLOADS]: The skill uses 'Chrome DevTools MCP' for browser automation. It navigates to preview URLs extracted from PR comments to perform E2E verification. This is the primary intended purpose of the skill.
[REMOTE_CODE_EXECUTION]: The skill includes 'hooks/block-push-to-main.sh' and 'hooks/verify-completion.sh' which are executed at specific lifecycle points. These are local scripts distributed with the skill to enforce workflow rules.
[DATA_EXFILTRATION]: The 'scripts/upload-screenshot.sh' script uploads PNG files to a 'screenshots' branch in the user's own repository. It requires a 'GH_TOKEN' with write access, which is standard for agents managing repository content. No evidence of data being sent to unauthorized third-party domains was found.
[PROMPT_INJECTION]: The skill contains strict instructions for the agent to follow a 'Decision Gate' (references/decision-gate.md) to ensure findings are reconciled before approving a PR. This acts as a safety measure to prevent the agent from ignoring its own negative findings.

autonomous-review