investigating-repository-history

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git and gh CLI commands to gather repository data. Commands are invoked using list-based arguments in subprocess.run, avoiding shell execution and protecting against command injection. Subprocess calls are restricted to the local filesystem and the authenticated GitHub CLI.
  • [PROMPT_INJECTION]: The skill possesses a risk surface for indirect prompt injection as part of its primary data retrieval function. Ingestion points: The skill reads untrusted data from external sources including git commit messages and GitHub PR comments in scripts/history_context.py and scripts/compact_pr.py. Boundary markers: Findings are presented to the agent within structured JSON or Markdown reports. Capability inventory: The skill can read local files and query the GitHub API via CLI tools. Sanitization: Input is compacted and truncated but not filtered for embedded instructions. The skill's internal instructions advise the agent to assess risk and evidence confidence.
  • [SAFE]: No malicious behavior, obfuscation, or unauthorized data access was detected. The skill uses standard development tools and infrastructure and adheres to intended functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 02:20 PM
Security Audit — agent-trust-hub — investigating-repository-history