review-security-issue

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted input from GitHub issues (titles, bodies, and comments), creating an indirect prompt injection surface. A malicious issue could attempt to influence the sub-agent's analysis.
      ● Ingestion points: Issue metadata and comments are fetched via "gh issue view" as seen in SKILL.md.
      ● Boundary markers: No explicit delimiters are specified for the sub-agent prompt instructions.
      ● Capability inventory: The skill can post comments and modify labels on repository issues.
      ● Sanitization: The skill employs a quoted heredoc ("cat <<'EOF'") when posting comments, which effectively prevents shell injection or evaluation of the issue content by the local system.
  • [COMMAND_EXECUTION]: The skill executes "gh" CLI commands for repository interaction. These operations (view, comment, edit) are standard for issue management and are invoked with parameters handled securely within the agent's logic.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform any remote code downloads or external package installations, relying entirely on the pre-configured GitHub CLI environment.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 19, 2026, 02:27 PM
Security Audit — agent-trust-hub — review-security-issue