github-release-management

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It retrieves external, potentially untrusted data such as commit messages and pull request titles using the GitHub API and provides this content as context for AI-driven orchestration tasks.
  • Ingestion points: SKILL.md (e.g., CHANGELOG and PRS variables).
  • Boundary markers: None detected in the prompt construction logic.
  • Capability inventory: The skill utilizes tools for shell execution (Bash), file system modifications (Write), and multi-agent coordination (mcp__claude-flow__task_orchestrate).
  • Sanitization: No explicit sanitization or validation of the fetched GitHub metadata is performed before processing.
  • [COMMAND_EXECUTION]: The skill relies on significant shell command execution capabilities via the Bash tool to perform git operations, build processes, and interact with the GitHub CLI for release management.
  • [EXTERNAL_DOWNLOADS]: The instructions frequently invoke npx claude-flow and npx claude-flow@alpha. This pattern involves the dynamic download and execution of external packages from the npm registry during the release workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 07:18 AM