cmd-setup-workflows
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for repository maintenance and CI/CD automation. It generates standard workflow configurations for various ecosystems (Node.js, Rust, Go, Elixir, etc.) using official, versioned GitHub Actions and established tools like the GitHub CLI.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads project-specific configuration files (such as package.json, Cargo.toml, and .env.test) to derive build and test commands. While malicious content in these files could theoretically influence the generated workflow, this behavior is a necessary component of the skill's primary functionality.
- Ingestion points: Reads repository root metadata files (mix.exs, package.json, Cargo.toml, go.mod, pubspec.yaml, pyproject.toml, Makefile, flake.nix), existing workflow YAML files, and service configuration files (config/test.exs, docker-compose.yml, .env.test) in SKILL.md.
- Boundary markers: The skill does not implement specific delimiters or instructions to isolate the content read from these files from the agent's logic.
- Capability inventory: The skill has the capability to write files (workflow YAMLs and version updates) and execute shell commands including git and gh CLI in SKILL.md.
- Sanitization: The skill does not explicitly validate or sanitize the data retrieved from project files before using it to construct shell commands or workflow steps.