skill-code-review
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts and CLI tools to perform code analysis tasks. It runs orchestrate.sh and agent-registry.sh from the local .claude-octopus directory to coordinate review phases. It uses git to retrieve file diffs and branch information, and utilizes the GitHub CLI (gh) to interact with Pull Requests and post review comments.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted code changes from external repositories.
  - Ingestion points: The skill reads file contents and diffs via git diff and repository metadata via the GitHub CLI.
  - Boundary markers: The instructions lack explicit delimitation or isolation protocols (such as 'ignore embedded instructions' warnings) to prevent the LLM from executing instructions hidden within the code under review.
  - Capability inventory: The agent has access to local shell execution, the file system, and network operations through the GitHub CLI.
  - Sanitization: There is no evidence of input validation, escaping, or sanitization of the analyzed code diffs before they are processed by the multi-LLM pipeline.
Audit Metadata