reviewing-pull-requests

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the gh (GitHub CLI) and linear-cli tools to fetch PR details, diffs, and issue information. These commands use user-provided arguments (PR numbers, team IDs) to interact with local and remote environments.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted data from external sources that can be controlled by third parties.
      • Ingestion points: Pull request titles, bodies, and code diffs are fetched using gh pr view and gh pr diff. Related issue descriptions are fetched using gh issue view and linear-cli issue.
      • Boundary markers: The instructions do not define clear boundaries or delimiters to separate the untrusted PR/issue content from the agent's internal logic, nor do they instruct the agent to ignore embedded commands.
      • Capability inventory: The skill has the capability to write back to external platforms using gh pr review to submit comments, approve changes, or request modifications.
      • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from GitHub or Linear before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 07:17 PM