push-pr

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard shell commands including git and gh (GitHub CLI) to manage repository state and interact with GitHub. It also invokes a utility named agent-validator, which is used to check for pre-push validation gates.
  • [SAFE]: The instructions explicitly direct the agent to avoid staging sensitive files like .env or credentials during the commit process, which is a recognized security best practice for code automation tools.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it processes untrusted repository data to generate commit messages and pull request descriptions. This behavior is a core functional requirement and is documented below:
      • Ingestion points: Uses git diff and git log output to inform the generation of commit messages and PR bodies.
      • Boundary markers: No specific delimiters or boundary markers are utilized to separate untrusted repository content from instructions.
      • Capability inventory: The skill has the capability to write to the repository (git commit) and push to remote servers (git push, gh pr create/edit).
      • Sanitization: The process relies on the language model's inherent interpretation of the diffs rather than explicit sanitization or filtering of the code content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 03:48 AM