The Agent Skills Directory

[COMMAND_EXECUTION]: The skill makes extensive use of the gh CLI to interact with GitHub. It uses gh auth status for permission checks, gh api (REST and GraphQL) for reading/writing configurations and templates, and gh issue create for the primary task of issue generation.- [EXTERNAL_DOWNLOADS]: Configuration JSON files and GitHub issue templates are fetched from remote repositories via the gh api. These downloads target GitHub (a well-known service) and are necessary for the skill's functionality.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests and processes untrusted data (templates and configs) from remote repositories that could contain malicious instructions.
Ingestion points: Data enters the agent context via gh api calls in SKILL.md during config syncing (under the 'Syncing Configs from GitHub' section) and template fetching (Step 2).
Boundary markers: The skill relies on JSON/YAML parsing and explicit schema validation against references/schema.json and references/settings-schema.json to constrain data interpretation.
Capability inventory: The skill possesses the ability to create issues (gh issue create) and modify repository content (gh api with PUT method for configs) as documented in SKILL.md (Step 6 and 'Adding a New Template').
Sanitization: The instructions emphasize parsing fetched content as JSON/YAML and skipping files that fail to parse, though specific prompt-level escaping of the interpolated issue body content is not detailed beyond standard Markdown structure.

github-issue-from-templates