docs-review

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • Command Execution: The skill utilizes the GitHub CLI (gh) to interact with repository data and the GitHub API. This allows the agent to view pull request details, analyze diffs, and post comments or reviews. While this is necessary for the skill's purpose, it involves executing commands that interact with external services. Evidence: gh pr view, gh pr diff, and gh api calls in SKILL.md.
  • Indirect Prompt Injection Surface: The skill processes external data in the form of pull request diffs. As with any system that interprets untrusted content, there is a possibility that instructions embedded in the reviewed text could influence the agent's actions.
      (1) Ingestion points: Documentation content and diffs retrieved from pull requests via the gh command.
      (2) Boundary markers: The instructions do not specify the use of delimiters to isolate untrusted content during processing.
      (3) Capability inventory: The skill has the ability to post comments and reviews via gh api and can modify local documentation files.
      (4) Sanitization: There are no explicit steps defined for sanitizing the input data before it is analyzed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 07:21 PM