The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes untrusted data from codebase files, which presents an attack surface for indirect prompt injection. \n- Ingestion points: Uses Read, Grep, and Glob tools to gather context from external files as documented in SKILL.md. \n- Boundary markers: The instructions lack explicit delimiters or safety markers to differentiate between instructions and the data being reviewed. \n- Capability inventory: The skill is restricted to file reading and search tools (Read, Grep, Glob) and does not have access to subprocesses, file writing, or network operations. \n- Sanitization: No sanitization or filtering logic is defined for the content read from external files.

code-quality-reviewer