github-issue-creator

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill processes user-provided inputs such as screenshots and logs, which may contain sensitive information. It includes a dedicated sanitization phase (Phase 1.5) to identify and redact personally identifiable information (PII), API keys, and infrastructure details before any issue content is created or shown.
  • [COMMAND_EXECUTION]: Repository operations are performed using the GitHub CLI (gh). The skill design enforces a strict human-in-the-loop requirement where the user must review and approve a proposal before any issue is created, updated, or commented on.
  • [INDIRECT_PROMPT_INJECTION]: The skill operates on untrusted data from external sources such as emails and messages.
      • Ingestion points: SKILL.md (Phase 1) specifies that input sources include screenshots, pasted text from Slack/emails, and verbal descriptions.
      • Boundary markers: While it does not specify character-level delimiters for external text, the skill requires a preview phase (Phase 2) that allows the user to inspect the final content before it is processed by the CLI.
      • Capability inventory: Capabilities are limited to gh CLI commands for issue management (creation, labels, comments).
      • Sanitization: Explicit redaction rules for sensitive strings (PII, tokens) are defined in Phase 1.5.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 04:19 AM