finishing-a-development-branch

Warn

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automatically executes shell scripts located at .agents/bin/detect-worktree-links.sh and resolve-worktree-links.sh within the repository being operated on. These scripts are triggered during the 'Merge Locally' workflow (Option 1) if they are present and executable.
  • [COMMAND_EXECUTION]: The skill constructs the paths to these scripts using git rev-parse --show-toplevel, making the execution path relative to the current project. There is no verification of the script content or origin, which allows a malicious repository to provide its own scripts that the agent will execute.
  • [COMMAND_EXECUTION]: The skill performs a git commit --amend after running these scripts if they identify issues. This could be used to silently modify the codebase or commit history without the user's explicit review of the changes made by the scripts.
  • [COMMAND_EXECUTION]: The skill demonstrates an indirect prompt injection surface by ingesting file names from git diff and passing them as arguments to external scripts.
      • Ingestion points: File names are retrieved from git diff --name-only into the CHANGED_FILES variable in SKILL.md.
      • Boundary markers: Absent; the skill does not use delimiters or warnings for the agent regarding the content of the file names.
      • Capability inventory: Subprocess execution for custom scripts, git merge, git push, and gh pr create in SKILL.md.
      • Sanitization: Absent; file names are passed directly to xargs without validation or escaping.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 4, 2026, 07:07 PM
Security Audit — agent-trust-hub — finishing-a-development-branch