The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes multiple shell commands and CLI tools such as npm, git, jq, grep, and tsc to manage package lifecycles, perform type checks, and automate versioning.
[EXTERNAL_DOWNLOADS]: Fetches package information from the npm registry using npm view and performs test installations using npm install in temporary directories to verify package integrity. These are standard operations for the npm ecosystem.
[DATA_EXFILTRATION]: Includes functionality to push code and metadata to external targets through npm publish and git push, which is consistent with the skill's purpose of release management.
[PROMPT_INJECTION]: The skill ingests data from local project files and git history, creating a potential surface for indirect instructions to influence agent behavior. Ingestion points: processes content from package.json, CHANGELOG.md, and the output of git log. Boundary markers: lacks explicit delimiters or instruction-bypass warnings when handling ingested data. Capability inventory: possesses capabilities to modify repository state and publish code to public registries. Sanitization: employs jq for structured JSON data but uses basic text processing for changelogs and commit messages.

npmjs