improve-codebase-architecture

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external, untrusted codebase data.
    * Ingestion points: The skill reads codebase content using the Agent tool in Step 1.
    * Boundary markers: Absent; there are no instructions to delimit or ignore instructions found within the analyzed files.
    * Capability inventory: The skill uses gh issue create to perform external write operations.
    * Sanitization: Absent; the skill does not define validation or escaping for the data ingested from the codebase before it is used to populate an issue template.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI to perform write operations to the repository.
    * Step 7 instructs the agent to execute gh issue create to submit the refactor RFC.
    * The instructions explicitly direct the agent to skip user review before creating the issue ("Do NOT ask the user to review before creating"), which reduces oversight for automated actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 06:22 PM