The Agent Skills Directory

[PROMPT_INJECTION]: The skill ingests and processes code from external pull requests, creating a surface for indirect prompt injection where malicious instructions could be embedded in the code being reviewed (SKILL.md). Ingestion points: Reads diff content from arbitrary pull request branches via git fetch and git diff. Boundary markers: Absent; the skill does not instruct the agent to use specific delimiters or ignore instructions within the ingested code. Capability inventory: Filesystem Write access to generate reports in IDE-specific folders and Bash access to perform git operations. Sanitization: No explicit validation or filtering of the ingested pull request content is performed.
[EXTERNAL_DOWNLOADS]: Fetches pull request data from well-known services like GitHub or GitLab using git fetch to perform its primary function of code auditing (SKILL.md).

codex-pr-review