agent-code-review-swarm

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses npx to execute the ruv-swarm tool directly from the npm registry. This tool is provided by the author ('ruvnet') and is therefore considered a vendor-owned resource.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to interact with the GitHub CLI (gh), including retrieving PR data and diffs, and posting review outcomes to the repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
      • Ingestion points: Reads external, untrusted content from GitHub Pull Requests (titles, bodies, and diffs) using gh pr view and gh pr diff in SKILL.md.
      • Boundary markers: None detected. The skill does not use delimiters or explicit instructions to isolate untrusted PR content from the agent's core logic.
      • Capability inventory: The skill can perform sensitive GitHub actions such as commenting on PRs, requesting changes, and approving reviews via the Bash tool.
      • Sanitization: There is no evidence of data sanitization or validation performed on the PR content before it is processed by the AI agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:32 PM