typescript-security-review

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to perform security audits on external, untrusted codebases. This creates a potential surface for indirect prompt injection where malicious instructions could be embedded in the code being reviewed to influence the auditor's behavior.
      • Ingestion points: Reading, grepping, and globbing files within a target repository as described in SKILL.md.
      • Boundary markers: Not explicitly defined in the review instructions.
      • Capability inventory: Includes tools like Edit and Bash, which provide significant control over the environment.
      • Sanitization: No specific sanitization logic is provided for processing raw file content during the audit.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 12:09 AM