The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes untrusted external data in a way that could allow indirect prompt injection. Ingestion points: Review comments and bodies are fetched from the GitHub API in workflows/review-loop.md (Step 1a and 1b). Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings for the agent when interpreting CodeRabbit comments. Capability inventory: The skill has permissions to execute shell commands (pnpm validate in workflows/review-loop.md), commit and push code (git push in workflows/review-loop.md), and merge pull requests (gh pr merge in workflows/review-loop.md). Sanitization: There is no evidence of sanitization or validation of the fetched comment data before it is presented to the agent.
[COMMAND_EXECUTION]: The skill relies on shell commands for repository validation and GitHub interaction. Evidence: The workflow in workflows/review-loop.md executes pnpm validate and git commands. Scripts resolve-threads.sh and check-ci-status.sh use the gh CLI to perform API queries and mutations.

coderabbit-resolver