requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands (git rev-parse, git log, git diff) to retrieve information for the code review process. Specifically, code-reviewer.md includes the execution of git diff --stat {BASE_SHA}..{HEAD_SHA}. This pattern assumes that the commit identifiers provided by the user or previous agent steps are well-formed and do not contain malicious shell characters.
  • [PROMPT_INJECTION]: The code review subagent ingests external data (descriptions and git diff output) into its instruction set, making it vulnerable to indirect prompt injection.
      • Ingestion points: Untrusted data enters the agent context via {DESCRIPTION}, {PLAN_REFERENCE}, and the git diff output in code-reviewer.md.
      • Boundary markers: The template does not utilize delimiters or specific 'ignore instructions' warnings to isolate the interpolated data from the agent's core instructions.
      • Capability inventory: The skill performs shell-based command execution and file reading via git diff.
      • Sanitization: No explicit sanitization or escaping of the interpolated content is observed in the provided scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 01:37 AM