skills/paulnsorensen/easy-cheese/melt/Gen Agent Trust Hub

melt

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates the resolution process by executing several CLI tools, including git, gh (GitHub CLI), and mergiraf. It also invokes ecosystem-specific package managers such as npm, yarn, pnpm, cargo, poetry, pipenv, uv, bundler, and go to regenerate lockfiles. Commands are either hardcoded or use arguments validated against a safe-character whitelist to prevent command injection.
  • [EXTERNAL_DOWNLOADS]: During lockfile regeneration (e.g., via npm install --package-lock-only or cargo generate-lockfile), the skill may trigger network requests to official package registries. These operations are standard for the intended development workflow and target well-known, trusted services.
  • [DATA_EXPOSURE]: The skill reads git history and the content of conflicted files to identify and summarize conflict hunks. This data is processed locally to assist the user and the agent in resolving the merge state; no sensitive configuration files or credentials are accessed or exfiltrated.
  • [PROMPT_INJECTION]: As the skill processes untrusted content from conflicted files (hunks provided by 'ours' or 'theirs'), it has a surface for indirect prompt injection. However, the risk is mitigated by the skill's primary use case (code merging) and its use of structured framing and legends to separate file content from the agent's instructional context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 29, 2026, 05:39 AM