receiving-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of instructional guidelines and contains no malicious code, remote downloads, or obfuscation. It focuses on improving the technical accuracy of the agent's responses to human and external feedback.
  • [COMMAND_EXECUTION]: The file references the use of grep for codebase searching and gh api for interacting with GitHub Pull Request comments. These are standard developer tools used within their intended scope for legitimate tasks (e.g., verifying feature usage or replying to reviews).
  • [PROMPT_INJECTION]: While the skill contains instructions to override typical conversational behaviors (e.g., forbidding phrases like "You're absolutely right!"), these are technical constraints designed to ensure rigor and compliance with local environment rules (referenced as CLAUDE.md), rather than attempts to bypass AI safety filters.
  • [INDIRECT_PROMPT_INJECTION]: The skill explicitly addresses the risk of untrusted external feedback. It mandates a 'Verify before implementing' pattern and instructs the agent to be skeptical of external suggestions, providing a defensive framework to mitigate potential indirect prompt injection attacks from external reviewers.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 01:53 AM