gitcode-merge-flow

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands and Python scripts. In scripts/check_pipeline_status.py, it uses subprocess.run to call get_pr_details.py. The execution uses a list of arguments and a fixed script path, which is a secure method for invoking subprocesses.
  • [CREDENTIALS_UNSAFE]: The skill requires a GITCODE_ACCESS_TOKEN. Instructions in SKILL.md direct the agent to read this from a local token file or request it from the user, which follows standard best practices for secret management in automation tools.
  • [EXTERNAL_DOWNLOADS]: The Python scripts perform network requests to api.gitcode.com using the requests library. These operations are necessary for the skill's functionality and target the official API of a well-known service provider.
  • [DATA_EXFILTRATION]: Although the skill transmits data to an external API, the data shared (PR details, issue descriptions, and comments) is restricted to the context of the repository being managed, and the skill makes no unauthorized access to sensitive local files.
  • [PROMPT_INJECTION]: The skill ingests external data from GitCode API responses, such as PR comments. While this presents an indirect prompt injection surface, the skill implements robust mitigation by including mandatory 'suspend' (挂起) steps. These steps force the agent to halt and wait for manual user confirmation before proceeding with critical actions like merging code.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 02:28 AM