autonomous-review

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted data from pull request diffs and issue bodies to drive its review logic.
      • Ingestion points: Pull request diffs via gh pr diff and issue descriptions via gh pr view in SKILL.md.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when processing external data.
      • Capability inventory: The skill can modify the repository using git (including force pushes), interact with GitHub issues and PRs using gh, execute local scripts, and perform browser automation via the Chrome DevTools MCP as defined in SKILL.md, references/e2e-verification.md, and references/merge-conflict-resolution.md.
      • Sanitization: No sanitization or filtering of external content is specified before interpolation into agent prompts.
  • [COMMAND_EXECUTION]: The skill performs various system command executions to automate the review process.
      • Uses git for branch operations and rebasing in references/merge-conflict-resolution.md.
      • Uses the GitHub CLI (gh) for issue and pull request interactions in SKILL.md.
      • Executes repository-local scripts scripts/mark-issue-checkbox.sh and scripts/upload-screenshot.sh.
      • Utilizes browser automation tools (Chrome DevTools MCP) for E2E verification steps in references/e2e-verification.md.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 11:48 AM