github-pro
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the official GitHub CLI (gh) to monitor CI/CD pipelines, query APIs, and manage pull requests. These are standard administrative tasks and the use of the tool is within expected parameters.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes external data that could contain malicious instructions.
  1. Ingestion points: External data is ingested through "gh run view --log-failed" and "gh pr diff" as documented in SKILL.md.
  2. Boundary markers: No explicit markers or instructions to ignore embedded commands are present to protect the agent context.
  3. Capability inventory: The skill can execute write operations including "gh pr review --approve" and "gh release create", which could be triggered by injected instructions.
  4. Sanitization: There is no evidence of sanitization or validation of the data retrieved from external sources before it is processed by the agent.