The Agent Skills Directory

[SAFE]: The skill operates as a static code analysis tool. It reads user-provided code and writes review reports to a local file system directory using the create_file tool. No network exfiltration or credential access was detected.
[PROMPT_INJECTION]: The skill processes untrusted code provided by users, which establishes an attack surface for indirect prompt injection. This is a low-risk characteristic inherent to the skill's primary function. Ingestion points: Code snippets or files provided by the user for maintainability review as defined in SKILL.md. Boundary markers: The skill does not define explicit delimiters or 'ignore' instructions for the code content in its prompt template. Capability inventory: The skill utilizes the create_file tool to write reports and present_files to show them. Sanitization: No explicit sanitization or validation of the input code is described in the instructions.

code-review-refactoring