embedded-cross-review

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/prepare-diff.sh) to retrieve git diffs and identify the technical stack (MCU, RTOS, and compiler) of the project. These commands use standard system tools like git and grep within the scope of the user-provided repository path and are necessary for the skill's function.
  • [PROMPT_INJECTION]: Because the skill processes external code diffs, it has an inherent attack surface for indirect prompt injection: malicious instructions could be placed in code comments to manipulate the agent's review. However, the skill implements a 'cross-review' strategy using independent sub-agents to validate findings, which serves as a mitigation measure.
  • [SAFE]: The skill logic and reference materials were analyzed for obfuscation, hardcoded credentials, and unauthorized network operations. No such malicious patterns or security risks were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 02:47 AM