The Agent Skills Directory

Command Execution: The skill utilizes standard tools like gh (GitHub CLI) and grep to retrieve PR diffs and search for code symbols. These operations are essential for the skill's primary function of documentation impact classification and are performed on the local repository content.
Indirect Prompt Injection Surface: The skill ingests untrusted data from external sources, specifically pull request titles, bodies, and code diffs. While this introduces a surface where malicious contributors could attempt to influence the LLM's classification logic, the risk is mitigated by the skill's restricted output format (a strict JSON schema) and its narrow task focus.
Resource Management and Cost Control: The '3-layer funnel' architecture (L0 to L2) is a proactive security and operational measure. By using deterministic path matching and text processing before invoking an LLM, the skill minimizes unnecessary model calls and bounds the context size, protecting against high-cost or resource-exhaustion scenarios.
Data Handling: The skill reads configuration files like .apm/docs-index.yml and repository source files. There is no evidence of sensitive credential access or data exfiltration to external domains; all network activity is limited to standard GitHub CLI operations for PR analysis.

docs-impact-classifier