adynato-github

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill instructs the agent to read external content from pull request comments to facilitate code reviews. This content is controlled by external users and could contain malicious instructions.
    • Ingestion points: PR comments retrieved via gh pr view --comments and gh api calls.
    • Boundary markers: Absent; the skill does not suggest using delimiters to separate untrusted comments from the system prompt.
    • Capability inventory: Extensive repository access through git and gh commands, including the ability to commit, push, and merge changes.
    • Sanitization: No sanitization or validation of external input is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:16 PM