The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes a local JavaScript utility (scripts/detect-scope.js) and standard Git commands (git status, git diff, git log) to identify development changes. These operations are scoped to the repository root and use restricted tool aliases.
[SAFE]: Includes a strict prohibition on Git mutations, specifically blocking commands like git push, git commit, and git reset to prevent unauthorized changes to the user's codebase.
[SAFE]: Demonstrates security awareness by implementing a secret redaction phase (scripts/security-redact.js) to sanitize sensitive information before generating reports or answering questions.
[PROMPT_INJECTION]: While the skill processes untrusted content such as recent code diffs and session transcripts, it operates within a documented workflow that includes manual review checkpoints and automated sanitization, minimizing the risk of indirect prompt injection.

post-dev-recap