The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses eval to execute shell commands dynamically generated by the bundled flowctl script. This dynamic execution pattern is used to set up the review environment but presents a risk if the generated output or the inputs used to generate it are not properly sanitized.
[COMMAND_EXECUTION]: User-supplied arguments ($ARGUMENTS) are parsed and used to generate a summary that is subsequently interpolated into a command string executed via eval. This creates a potential command injection surface if the AI agent does not strictly validate or escape the user input before interpolation.
[COMMAND_EXECUTION]: The skill executes multiple system commands, including git (to collect branch history, logs, and diffs), cat (to write temporary files), and open (to launch the exported file in the user's default application).
[COMMAND_EXECUTION]: The skill relies on a bundled executable script (flowctl) located in the plugin's internal directory. While documented as part of the skill's infrastructure, its bundled nature means its behavior is opaque to the platform's standard command verification.

flow-next-export-context