simplify-and-harden-ci

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the gh-aw CLI extension and setup Action from the official GitHub organization repository.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it reviews untrusted code from Pull Requests (ingestion points: changed files in PR). The prompt template includes instructions that restrict the agent's actions to reporting and prevent file modification (boundary markers: present), but it lacks explicit delimiters or sanitization for the code being analyzed (sanitization: absent). Malicious content in a PR could theoretically attempt to manipulate review findings or influence the agent's learning loop data (capability inventory: PR findings, learning loop metadata).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 03:04 PM