av-cli

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the av and git command-line tools to perform repository operations such as branch management, committing, and pull request synchronization.
  • [COMMAND_EXECUTION]: The agent is instructed to read internal tool metadata from .git/av/av.db using the cat command to parse the JSON structure and identify branch relationships in the stack. This is a legitimate operation for the tool's functionality.
  • [SAFE]: The allowed-tools configuration is appropriately restricted to relevant CLI binaries (av, git, jq, cat, test) and standard file system tools, preventing unauthorized execution of arbitrary commands.
  • [SAFE]: All network-related operations (such as PR creation and synchronization) are handled through the official av CLI and target the repository's configured remote on GitHub. No unauthorized external downloads or data exfiltration patterns were detected.
  • [SAFE]: The skill includes helpful defensive instructions to prevent the agent from accidentally corrupting stack metadata, such as advising against direct modification of the internal database file and avoiding tools that strip tracking information from PR descriptions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 04:36 AM