The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local git commands such as git diff and git log to extract information about code changes. These are standard operations for generating development summaries and occur within the local repository context.
[DATA_EXPOSURE]: The skill reads local file contents and repository history. This data is used to synthesize a PR writeup and is not transmitted to external servers by the skill's logic.
[PROMPT_INJECTION]: The skill is subject to Indirect Prompt Injection (Category 8) as it ingests untrusted data from git diffs and potentially external issue trackers.
Ingestion points: Reads git diff output, user-provided text, modified repository files, and issue tracker data via MCP.
Boundary markers: The instructions do not explicitly require the use of boundary markers when interpolating code diffs into the agent's context.
Capability inventory: The agent can read local files, execute git commands, and write the final HTML artifact to the ~/artifacts/ directory.
Sanitization: There are no explicit instructions to sanitize or escape content found within diffs or issue descriptions before processing.

html-pr-writeup