skills/0xdeafcafe/skills/open-pr/Gen Agent Trust Hub

open-pr

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Git and GitHub CLI tools to manage branches and push code. It also executes language-specific verification tools like tsc, go build, and cargo check.
  • [DYNAMIC_EXECUTION]: The skill is configured to run project-specific verification scripts found in files like package.json, Makefile, or Justfile, allowing for arbitrary command execution defined within the codebase.
  • [DATA_EXFILTRATION]: Code and metadata are transmitted to GitHub via git push and gh pr create as part of the intended workflow. This uses a well-known service for its primary purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from repository content.
    • Ingestion points: Commit logs via git log, diffs via git diff, and repository files like PR templates.
    • Boundary markers: No explicit delimiters or instructions are used to separate ingested content from the PR description prompt.
    • Capability inventory: The skill has access to shell execution (git, gh, build tools) and file system read access.
    • Sanitization: No sanitization or filtering is performed on the ingested commit messages or template content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 02:08 AM