The Agent Skills Directory

[PROMPT_INJECTION]: The skill incorporates external data from Jira issue summaries, descriptions, and Jenkins build logs to autonomously generate code and fix errors. A malicious user with Jira access could embed instructions designed to manipulate the agent. The skill lacks explicit boundary markers or sanitization for this data and instructs the agent to "ignore warnings" and "make reasonable decisions" without user confirmation, significantly reducing oversight.
[COMMAND_EXECUTION]: The skill uses the "af" CLI tool, "git", and "jq" for various tasks. It employs command substitution to derive arguments from JSON data, such as "af jira assign --to $(af jira get --json | jq -r '.reporter.emailAddress')".
[DATA_EXFILTRATION]: The skill performs network operations to interact with Jira, Git remotes, and Jenkins. While these are functional for the skill's purpose, they involve transmitting project metadata and source code to external infrastructure automatically.

autopilot