requesting-code-review

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local shell commands to interact with the version control system. In SKILL.md, it uses git rev-parse and git log to determine commit hashes for the review range. In code-reviewer.md, it executes git diff --stat and git diff to provide the subagent with the code changes. While these are standard development operations, they represent the execution of system commands based on the current repository state.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because the code-reviewer subagent processes untrusted content from the repository.
    • Ingestion points: The subagent in code-reviewer.md ingests implementation details, requirements documents, and git diff output via template placeholders.
    • Boundary markers: The template does not utilize specific delimiters or clear instructions to the AI to ignore instructions embedded within the code or planning documents it is reviewing.
    • Capability inventory: The system has the capability to read file contents and execute git commands to inspect the repository history.
    • Sanitization: No sanitization, escaping, or validation is performed on the code changes or documentation content before it is presented to the subagent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 27, 2026, 09:28 AM