The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes local git commands to gather metadata about repository changes, which is necessary for its core function of PR generation.
[EXTERNAL_DOWNLOADS]: The reference documentation suggests the installation of a third-party GitHub CLI extension (drogers0/gh-image). This is presented as an optional user-initiated step for managing image evidence.
[COMMAND_EXECUTION]: The skill provides templates for generating gh CLI commands using secure shell practices, specifically quoted HEREDOCs (<<'EOF'), to ensure that the content extracted from the code does not trigger unintended command execution during the PR creation process.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted data from git diff outputs (Ingestion points). However, the risk is mitigated through the use of boundary markers in Mermaid labels and the use of quoted HEREDOCs in generated shell commands (Sanitization), which prevents the capability inventory (gh CLI operations) from being manipulated by malicious code content.

github-pull-request