coderabbit-migration-deep-dive

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands for codebase analysis and infrastructure management. It employs find and grep to identify integration points in source code, npm for dependency management, and kubectl for environment configuration and deployment rollouts.
  • [EXTERNAL_DOWNLOADS]: Fetches the @coderabbit/sdk package from the npm registry. CodeRabbit is recognized as a well-known service for AI-powered code reviews, making this a legitimate dependency for the migration task.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its analysis of local files.
      • Ingestion points: The assessment step reads content from local .ts and .py files using find and grep (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions are used to prevent the agent from following potential malicious commands embedded within the analyzed source code.
      • Capability inventory: The skill has access to sensitive tools including Bash(kubectl:*) for cluster management, and Write/Edit permissions for local files.
      • Sanitization: There is no evidence of sanitization or content validation for the source code data ingested during the migration assessment phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 01:53 AM