The Agent Skills Directory

[COMMAND_EXECUTION]: The skill requires the agent to run Git commands to inspect the repository status and manage branches. These are standard operations for development workflows.
[PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection by reading the current worktree state. Ingestion points: current branch and worktree state (SKILL.md). Boundary markers: None. Capability inventory: branch creation/checkout and chat interaction (SKILL.md). Sanitization: None. The risk is mitigated by the instruction to stop and present a plan for user review after switching branches.

new-branch