skills/lobehub/lobe-chat/pr/Gen Agent Trust Hub

pr

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes git and the GitHub CLI (gh) to automate developer workflows. It executes commands to inspect branch state, create new branches, stage files, and push commits. These operations are appropriate for the skill's stated purpose.
  • [DATA_EXFILTRATION]: Local repository data, including commit logs and code diffs, is transmitted to GitHub. As GitHub is a well-known service and the intended destination for the pull request, this interaction is considered standard functionality.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from the repository environment.
    • Ingestion points: Data is sourced from git log, git diff, and gh issue list.
    • Boundary markers: No specific delimiters are used to isolate untrusted external text from the system instructions.
    • Capability inventory: The skill can perform remote actions using git push and gh pr create.
    • Sanitization: The skill does not perform validation or sanitization on external data before using it to populate pull request templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 02:14 PM