ln-912-community-announcer
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill implements a fallback mechanism to download missing reference files from the author's public GitHub repository (levnikolaevich/claude-code-skills) using the WebFetch tool. This is a legitimate dependency for the skill's operational templates and guidelines.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted project files (CHANGELOG.md, README.md, and source code) to compose announcements.
  - Ingestion points: Reads project documentation, git logs, and source files from the current working directory.
  - Boundary markers: No explicit delimiters or boundary markers are used to isolate untrusted file content from instructions.
  - Capability inventory: The skill can execute shell commands (Bash) and publish content to GitHub via GraphQL mutations (gh api).
  - Sanitization: The risk is mitigated by a mandatory human-in-the-loop approval step ('Wait for explicit approval before publishing') and a 'Humanizer audit' process designed to identify AI patterns.
- [COMMAND_EXECUTION]: The skill uses local shell commands (git, ls, grep) and the GitHub CLI (gh) to discover repository metadata and publish discussions. These operations are scoped to the intended functionality and are executed after user confirmation.
Audit Metadata