The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches review procedures and verification commands from the developer's official GitHub repository (cognitedata/dune-app-reviews) using the GitHub CLI (gh). This is consistent with the skill's stated purpose and author context.
[COMMAND_EXECUTION]: Uses the shell to execute gh api and base64 commands to retrieve and decode remote instructions. These tools are explicitly allowed in the skill's configuration.
[REMOTE_CODE_EXECUTION]: The agent is instructed to follow instructions dynamically retrieved from the author's repository. This pattern is documented as part of the intended functionality for keeping review criteria updated.
[PROMPT_INJECTION]: The skill processes the local workspace as untrusted data, presenting an indirect prompt injection surface. Evidence: (1) Ingestion points: Current workspace files are read during the review. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded content are present. (3) Capability inventory: Access to Shell, Write, and Read tools (SKILL.md). (4) Sanitization: No content filtering is specified. This represents an inherent risk associated with automated code review tools.

dune-app-review