auto-push
Warn
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to bypass human-in-the-loop safety protocols for destructive operations.
- Evidence: "Executes immediately after checks pass; no extra confirmation needed." and "Do not ask for additional yes/no confirmation after this skill is invoked."
- [COMMAND_EXECUTION]: The skill uses shell interpolation for AI-generated commit messages, which can lead to arbitrary command execution if the message contains shell metacharacters.
- Evidence: git commit -m "$(cat <<'EOF' [Generated commit message] EOF )".
- [DATA_EXFILTRATION]: The skill performs automated network operations (git push) to transfer local repository data to a remote server. While it attempts to scan for secrets, automated detection via fixed patterns may fail, and the lack of user review before the push increases the risk of sensitive data exposure.
- Evidence: Safety checks rely on specific file extensions and environment variable patterns to block pushes.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted local file data and uses it to generate output that is subsequently executed as a shell command.
- Ingestion points: Local file contents and git diff output analyzed in SKILL.md steps 1 and 2.
- Boundary markers: No delimiters or warnings are specified to prevent the AI from interpreting file content as instructions during the commit message generation phase.
- Capability inventory: Shell access for multiple git commands (add, commit, push) across the entire workflow.
- Sanitization: There is no explicit requirement for the agent to sanitize or validate the generated commit message before passing it to the shell execution environment.
Audit Metadata