The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses execSync to run git diff --staged to retrieve staged changes for analysis. The command is a hardcoded string and does not interpolate user-controlled inputs, mitigating common command injection risks.
[PROMPT_INJECTION]: The skill processes untrusted content from staged git files which could contain indirect prompt injection attacks designed to influence the behavior of the agent during the code review process. * Ingestion points: Content is ingested through src/lib.ts via the getStagedDiff function. * Boundary markers: No explicit delimiters or security markers are used to differentiate code content from agent instructions in the retrieved diff. * Capability inventory: The skill possesses command execution capabilities through execSync in src/lib.ts. * Sanitization: There is no evidence of sanitization or filtering applied to the retrieved content before it is processed by the agent.

local-reviewer