The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of Bash to execute static analysis pipelines involving find, grep, awk, sed, xargs, ls, and wc. These commands are used to scan source code for patterns related to duplication, complexity, and architectural violations.
[COMMAND_EXECUTION]: In modules/duplication-analysis.md, the skill executes a local Python script located at plugins/conserve/scripts/detect_duplicates.py. This is an expected behavior for a tool leveraging local plugins for enhanced analysis.
[COMMAND_EXECUTION]: The module code-quality-analysis.md utilizes the GitHub CLI (gh) to retrieve diffs for pull request analysis, which is a standard operation for PR review tools.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes untrusted data from local source files.
Ingestion points: Files are read via grep, sed, and awk in all provided modules (e.g., modules/clean-code-checks.md, modules/algorithm-efficiency.md).
Boundary markers: No explicit delimiters or instructions to ignore embedded content are used when processing file content.
Capability inventory: The skill has the capability to execute Bash commands and run a local python3 script.
Sanitization: There is no evidence of sanitization or filtering of the content extracted from source files before it is processed or presented to the agent.

code-refinement