The Agent Skills Directory

[Metadata Analysis] (SAFE): The file contains orchestration configuration for a 'sop-workflow' involving various reviewer roles. No active code or commands are present.
[Indirect Prompt Injection Surface] (LOW): The workflow is designed to process Pull Requests. This identifies a surface where an agent might ingest untrusted content from PR descriptions or code, which is a standard risk for code-review skills.
[Data Exposure] (SAFE): A local path in the migration metadata reveals the author's local username, but this does not pose a risk to the skill's execution or the user.

when-reviewing-pull-request-orchestrate-comprehensive-code-revie