The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes standard command-line tools such as git (status, diff, log) and gh (pr create). These are used within the scope of its described functionality to analyze local changes and create pull requests on GitHub.
[PROMPT_INJECTION]: The instructions contain phrases like 'IMPORTANT', 'MUST', and 'Be skeptical', which are used to define the agent's workflow, task management strategy (TaskCreate), and analytical rigor. These are benign operational constraints and do not attempt to bypass safety filters or override core system behavior.
[DATA_EXFILTRATION]: No unauthorized network connections or sensitive file access were identified. The network operations are limited to standard GitHub interactions via the gh tool.
[INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from git logs, diffs, and user-provided $ARGUMENTS. While this represents an attack surface for indirect instructions, the skill uses a shell heredoc (EOF) for the PR body, which is a defensive coding pattern that helps mitigate instruction injection in shell environments.

pr