skills/benjaming/ai-skills/qa-plan/Gen Agent Trust Hub

qa-plan

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill consumes untrusted data from Pull Request titles, descriptions, and diffs, which creates a potential surface for indirect prompt injection.
      1. Ingestion points: PR metadata and code diffs fetched via gh pr view and gh pr diff in SKILL.md.
      2. Boundary markers: No specific delimiters are used to separate untrusted PR content from instructions.
      3. Capability inventory: Commands to create issues on GitHub (gh issue create) and Linear (linear issue create), plus local file creation.
      4. Sanitization: The skill enforces a human review step in chat before any publishing action is taken, which effectively mitigates the risk of the agent executing unintended actions based on the PR content.
  • [COMMAND_EXECUTION]: The skill utilizes git, gh (GitHub CLI), and linear (Linear CLI) to retrieve project information and automate issue creation. These are standard developer operations and are implemented using security best practices, such as passing content via temporary files (--body-file and --description-file) to prevent shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the APIs of GitHub and Linear. These are well-known technology services, and the interactions are necessary for the skill's intended purpose of streamlining the QA workflow across developer tools.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 12:34 PM