The Agent Skills Directory

[COMMAND_EXECUTION]: The skill automates complex Git workflows using shell commands such as git filter-branch, git push --force-with-lease, and git cherry-pick. These are necessary for the primary function of rewriting repository history.
[COMMAND_EXECUTION]: It executes a local Python utility script (scripts/rewrite_msg.py) to apply message transformations. This execution is limited to the skill's own packaged code.
[PROMPT_INJECTION]: The skill processes potentially untrusted data in the form of existing Git commit messages (indirect prompt injection surface).
Ingestion points: Recent Git commit subjects and bodies (SKILL.md, step 4).
Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the messages being processed.
Capability inventory: The skill has significant capabilities including file system modification (/tmp/cc-rewrite-map.tsv), shell command execution, and network communication via Git push.
Sanitization: No specific sanitization of commit message content is described; however, the workflow mandates that the agent 'Show old -> new plan and wait for explicit confirmation' (step 6), providing a human-in-the-loop defense against malicious content influencing the final rewrite.

git-commit-rewrite