code-review-checklist

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes PR diffs and codebase content, which introduces a vulnerability surface for indirect prompt injection. If an attacker embeds malicious instructions in the code being reviewed, the agent might inadvertently follow them.
    - Ingestion points: Processes external codebase files and diff data via the 'Read', 'Grep', and 'Glob' tools mentioned in SKILL.md.
    - Boundary markers: Lacks explicit delimiters or instructions to treat analyzed code as untrusted data.
    - Capability inventory: Tools are restricted to read-only operations ('Read', 'Grep', 'Glob') with no network or file-write permissions.
    - Sanitization: No sanitization of the processed code content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:55 PM