ln-914-community-responder

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches its own instructional components and templates from the author's repository (github.com/levnikolaevich/claude-code-skills) using WebFetch if they are not present in the local environment. This is a documented mechanism for managing shared skill resources.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and standard shell commands (grep, ls) to interact with the repository's metadata and search for technical answers within the codebase. These operations are within the stated scope of community engagement.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted user-generated content from GitHub issues and discussions. This risk is effectively mitigated by a mandatory human-in-the-loop step where the user must explicitly approve any drafted response before it is published via the GitHub API.
      • Ingestion points: GitHub Issue and Discussion bodies fetched via the GraphQL API in SKILL.md (Phase 1).
      • Boundary markers: None explicitly defined in the prompts to separate external content from instructions.
      • Capability inventory: Comment creation via gh api and codebase inspection via bash and grep across SKILL.md and referenced files.
      • Sanitization: All generated responses are subject to manual user approval (Phase 6) and a 'humanizer audit' (Phase 5) before deployment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 06:29 AM