open-pr

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were identified. The skill is designed for legitimate software development tasks.
  • [COMMAND_EXECUTION]: Employs standard developer tools like git and gh for pull request lifecycle management. Command execution is restricted to the intended purpose and uses safe practices like temporary files and the GitHub CLI's --body-file flag to prevent shell interpretation of PR content.
  • [DATA_EXFILTRATION]: Communicates with the Significant-Gravitas/AutoGPT repository via official GitHub APIs and CLI tools. This behavior is consistent with the skill's stated purpose and the author's identity, and does not involve exfiltrating sensitive local data.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from repository templates and pull request review comments (Ingestion points: SKILL.md Step 3 and 4). While it does not include explicit boundary markers to ignore instructions in the templates, it maintains a restricted capability inventory (shell commands for PR management). It implements effective sanitization by using single-quoted heredocs and the --body-file argument to ensure that ingested PR content is treated as data, not executable code (Sanitization).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 12:39 AM