write-conventional-commit

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill executes local git commands such as git status and git diff to retrieve the state of the repository. These operations access source code contents to generate summaries. No network activity or exfiltration patterns were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill (SKILL.md) ingests untrusted input from the local file system through the output of git diff. No boundary markers separate that diff content from the skill's own instructions. The capability inventory is restricted to local git read operations. Mitigation comes from strict output formatting rules (e.g., "return exactly one final commit message and nothing else"), which discourage the agent from following instructions embedded in code changes; no explicit sanitization of the diff content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 05:37 AM
Security Audit — agent-trust-hub — write-conventional-commit