githits-code

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the githits CLI and npx to perform its operations. This is the primary intended function of the skill for code search and navigation.
  • [DATA_EXPOSURE]: The instructions explicitly forbid exposing credentials and provide guidance for interactive login or using environment variables for tokens, which is a standard and safe practice for CLI tools.
  • [INDIRECT_PROMPT_INJECTION]: The skill recognizes that it processes untrusted third-party content (READMEs, source code, comments). It contains robust defensive instructions (External Content Posture) that direct the agent to treat such content as data rather than instructions, specifically warning against executing commands or following architectural advice found in prose.
  • Ingestion points: Third-party content from githits example, githits search, githits code read, and githits docs read (SKILL.md, references/code-and-docs.md).
  • Boundary markers: The 'External Content Posture' section acts as a logical boundary and policy for the agent.
  • Capability inventory: Local command execution via githits or npx (SKILL.md).
  • Sanitization: The skill instructs the agent to rely on structured JSON fields over prose to minimize injection risks.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 10:51 AM
Security Audit — agent-trust-hub — githits-code