The Agent Skills Directory

[COMMAND_EXECUTION]: The skill permits the use of bash for codebase exploration but enforces strict limitations to prevent abuse. It explicitly allows only a predefined set of read-only tools such as eza, git status, rg, fd, and bat.
[COMMAND_EXECUTION]: The instructions provide a deny-list of dangerous operations, explicitly forbidding commands that change system state (e.g., mkdir, rm, npm install, pip install) and prohibiting the use of redirection operators like >, >>, or | to create or modify files.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to process external code review comments. While these comments constitute untrusted input, the potential for exploitation is significantly mitigated by the restrictive, read-only execution environment defined for the agent.

resolve