Git PR Description

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands including git branch, git log, and git diff to retrieve repository metadata and code changes. These commands are local to the user's environment and are used as intended for the skill's primary function.
  • [SAFE]: Analysis of the provided files reveals no network operations, hardcoded credentials, or obfuscation. The skill actually enforces a security-positive rule by explicitly forbidding the inclusion of file paths or URIs in the generated PR description, which helps prevent accidental data leakage.
  • [PROMPT_INJECTION]: As an analysis tool, the skill is theoretically subject to indirect prompt injection via malicious commit messages or code comments in the data it processes. However, because the skill lacks network access or high-privilege write capabilities, the impact of such an injection is negligible. Evidence of indirect injection surface: the agent reads untrusted data from git log and git diff output without explicit boundary markers or sanitization, but its capabilities are restricted to generating text output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:51 AM