
mcore-split-pr

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on standard development tools, including git and gh (the GitHub CLI). It executes commands such as gh pr view, gh pr diff, gh api user, git diff, and git apply to analyze code changes and manage branches. These operations are consistent with the skill's stated purpose of PR management.
  • [EXTERNAL_DOWNLOADS]: The skill fetches pull request metadata and file diffs from the NVIDIA/Megatron-LM repository. These network operations are directed at the vendor's official GitHub repository and are necessary for the skill's core functionality.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it ingests and processes potentially untrusted data from pull request titles and bodies.
      • Ingestion points: External data enters the agent context via the gh pr view command executed in SKILL.md.
      • Boundary markers: The workflow includes a mandatory "Wait for user approval before execution" step, which ensures that a human reviews the proposed split and the resulting commands before any state-changing actions occur.
      • Capability inventory: The skill can create branches, apply diffs via git apply, and push to the user's fork. These capabilities are used within the scope of the user's development environment.
      • Sanitization: While the skill does not detail automated sanitization for PR content, the requirement for manual user verification effectively mitigates the risk of malicious instructions in the PR metadata being executed without oversight.
Audit Metadata
Risk Level: SAFE
Analyzed: May 30, 2026, 01:38 AM