reviewing-hook-patterns

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill is subject to Indirect Prompt Injection (Category 8) as it is designed to ingest and analyze untrusted source code from a user's workspace.
      • Ingestion points: Code content is read using the Read and Grep tools.
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the analyzed code.
      • Capability inventory: The skill's impact is limited because it only has access to read-only tools (Read, Grep, Glob) and cannot write files or execute shell commands.
      • Sanitization: There is no logic to sanitize or filter potential instructions embedded in code comments.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 06:24 AM