The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses local shell commands to gather information and manage report files.
It executes git diff and git diff --cached to identify changed files and content for review.
It creates the reviews directory using mkdir -p reviews if it does not exist.
It attempts to launch an external editor using $EDITOR, code, or the macOS open command to display review reports.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the local code and project documentation it analyzes.
Ingestion points: The agent reads local project rules (CLAUDE.md) and the output of git diff commands representing uncommitted code changes in the workspace.
Boundary markers: The instructions do not define clear delimiters or include warnings to the agent to ignore or isolate instructions that might be embedded within the source code being reviewed.
Capability inventory: The agent is explicitly instructed to use Write or Edit capabilities to automatically apply code fixes to the local filesystem based on its findings.
Sanitization: There is no evidence of sanitization, filtering, or validation of the code content before it is processed by the agent or used to generate file modifications.

review-local