gh-address-copilot-comments

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses scripts/fetch_copilot_threads.py and scripts/resolve_review_thread.py to execute gh (GitHub CLI) commands. These scripts call subprocess.run with argument lists rather than shell strings, which is a secure method that prevents shell injection attacks.
  • [DATA_EXFILTRATION]: Data access is restricted to GitHub pull request metadata and comments retrieved through the official GitHub CLI. There is no evidence of unauthorized access to sensitive local files or data being sent to untrusted external domains.
  • [CREDENTIALS_UNSAFE]: No hardcoded API keys or secrets are found. The skill relies on the existing authentication state of the GitHub CLI, prompting the user to verify authentication via gh auth status.
  • [PROMPT_INJECTION]: As the skill processes content from GitHub comments, it is exposed to the risk of indirect prompt injection. However, the SKILL.md workflow includes explicit instructions for the agent to verify code changes independently and not to assume the correctness of automated comments, which effectively mitigates the impact of such an attack.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 06:17 PM