The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes shell commands such as git branch -a and git log to gather signals about the project's current branching model and activity levels.
[PROMPT_INJECTION]: The skill includes an entry point for user instructions via the $ARGUMENTS variable in SKILL.md, which is a standard pattern for agent skills but technically allows direct prompt injection.
[PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by processing untrusted data from the repository metadata (branch names and commit history) to generate its strategy recommendations.
Ingestion points: Project analysis signals are gathered from the output of git commands in SKILL.md and reference/branching-strategies.md.
Boundary markers: No explicit markers are used when processing the text-based output of repository analysis.
Capability inventory: The skill has the capability to write to and modify project configuration files like CLAUDE.md and AGENTS.md.
Sanitization: There is no explicit sanitization of branch names or commit messages before they are used to influence the agent's logic.

setup