The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/release_web_s3.sh script is designed to execute arbitrary shell commands provided through environment variables such as PRE_BUILD_CMD, TEST_CMD, and SLANG_CMD. These commands are executed via bash -lc, which is a standard mechanism for flexible build scripts but represents a direct command execution capability.
[PROMPT_INJECTION]: The scripts/prepare_web_release.py script facilitates an indirect prompt injection surface by processing untrusted data from Git commit history.
Ingestion points: Git commit subjects and bodies are fetched using git log in scripts/prepare_web_release.py to generate release notes.
Boundary markers: The generated report uses RELEASE_NOTES_START and RELEASE_NOTES_END delimiters to scope the ingested content.
Capability inventory: The skill possesses file write access (pubspec.yaml), shell execution via bash -lc in scripts/release_web_s3.sh, and network operations via aws s3 sync.
Sanitization: Commit messages are used verbatim in the output without sanitization, allowing potentially malicious instructions in a commit to be presented to the agent during the release process.

release-flutter-web-s3