math-review

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for repository context gathering (git status, git diff) and for verifying mathematical logic through test suites (pytest) and notebook execution (jupyter nbconvert). These operations are constrained to the local file system and align with the skill's primary purpose of code review.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) because it is designed to read and execute user-provided code and notebooks.
    • Ingestion points: Reads local mathematical source code, test files, and Jupyter notebooks, as described in the context sync and proof-of-work steps.
    • Boundary markers: The instructions do not define explicit delimiters that separate content read from analyzed files from the agent's internal logic.
    • Capability inventory: The skill can execute code via pytest and jupyter nbconvert, providing a potential path for code-based injection if the project being reviewed contains malicious test cases or notebooks.
    • Sanitization: There is no evidence of pre-execution validation or sanitization of the content found within the analyzed files.
  • [SAFE]: No evidence of data exfiltration, hardcoded credentials, obfuscation, or unauthorized network activity was detected. The skill's behavior is consistent with its stated goal of mathematical verification.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 PM