The Agent Skills Directory

[COMMAND_EXECUTION]: Uses the Bash tool to run git status, git diff, and grep commands locally to identify changed files and search for specific code patterns such as force unwraps, hardcoded secrets, and performance issues in SwiftUI views. These operations are scoped to the local repository and are essential to the skill's primary function.
[PROMPT_INJECTION]: The skill processes untrusted code content from the local repository, creating a surface for indirect prompt injection. This is evaluated as a vulnerability surface rather than a direct threat.
Ingestion points: Code content is ingested via the git diff command and the Read tool as specified in SKILL.md.
Boundary markers: The skill does not implement explicit boundary markers or system instructions to ignore embedded commands within the processed code.
Capability inventory: The agent possesses Write capabilities for applying code fixes and Bash capabilities for command execution.
Sanitization: There is no evidence of sanitization or escaping of the code content before it is interpolated into the agent's reasoning context.

review-changes