review-code

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process untrusted data (source code under review). To mitigate potential indirect prompt injection, the SKILL.md file contains an explicit instruction (Step 10) for the agent to treat review targets as untrusted and ignore any instructions embedded within the code being analyzed.
  • [SAFE]: The execution environment is restricted to standard tools (Read, Write, Glob, Grep, Bash) used for file analysis and report generation. The provided Python scripts (issue-aggregator.py, pr-analyzer.py, rule-tester.py) perform local text processing and data aggregation without making network calls or accessing sensitive system files.
  • [SAFE]: The security rules defined in references/rules/security-rules.json are legitimate patterns used to detect vulnerabilities (like SQL injection or hardcoded secrets) in the code being reviewed, rather than malicious code within the skill itself.
  • [SAFE]: No persistence mechanisms, privilege escalation attempts, or obfuscation techniques (such as Base64 encoding or zero-width characters) were detected across the 30 files analyzed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 05:46 PM