The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected. The skill's behavior is transparent and strictly limited to its stated purpose of managing a development workflow.
[COMMAND_EXECUTION]: The skill utilizes the git-gamble CLI or standard Git commands (git commit, git reset) to automate the TCR workflow. This is a legitimate development use case. The risk is mitigated by requiring the agent to obtain user approval before planning changes, before writing code, and before running the execution tool.
[INDIRECT_PROMPT_INJECTION]: The skill ingests user input to define feature behaviors and write tests. The attack surface is effectively managed through the requirement for 'diff approval,' ensuring the user reviews all generated code and test logic before it is executed or committed to the repository.

tcrdd