The Agent Skills Directory

[PROMPT_INJECTION]: The skill analyzes the output of code diffs and commit logs to summarize changes, which creates a surface for indirect prompt injection.
Ingestion points: git diff HEAD and git log --oneline -10 in SKILL.md.
Boundary markers: Absent; the skill does not use delimiters to isolate the diff output or provide instructions to ignore embedded commands.
Capability inventory: Shell access for executing multiple git commands in SKILL.md.
Sanitization: Absent; the skill does not filter or sanitize the contents of the code changes before processing.
[COMMAND_EXECUTION]: The skill instructs the agent to execute a series of bash commands to inspect and modify the repository state, including git status, git diff, git log, git branch, git add, and git commit.
[SAFE]: The skill demonstrates security awareness by explicitly directing the agent not to commit files that likely contain secrets, specifically mentioning .env and credentials.json files.

commit