The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses local shell commands to retrieve repository information and generate diffs. Specifically, it executes git rev-parse, git log, and git diff to identify the range of changes and extract the code content for review.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection within the code-reviewer.md template, as it interpolates untrusted external data into the agent's execution context.
Ingestion points: Untrusted data enters the context via placeholders like {WHAT_WAS_IMPLEMENTED}, {PLAN_OR_REQUIREMENTS}, and {DESCRIPTION}. Additionally, the content returned by git diff (the code being reviewed) is directly processed by the AI.
Boundary markers: The prompt template does not utilize clear delimiters or specific instructions to the agent to treat interpolated content strictly as data, increasing the risk that instructions hidden in code comments or descriptions could be obeyed.
Capability inventory: The skill possesses the ability to execute shell commands and dispatch subagents via the Task tool.
Sanitization: No sanitization, escaping, or validation logic is defined to inspect the content of the requirements files or git diffs before they are passed to the reviewer agent.

requesting-code-review