The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes gh CLI commands to manage repository resources such as issues, milestones, and labels. This behavior is documented and central to the skill's purpose. All commands use the GH_PAGER=cat environment variable to ensure non-interactive execution.- [EXTERNAL_DOWNLOADS]: The skill generates GitHub Action workflow templates that reference external repositories: actions/labeler@v5, actions/stale@v9, release-drafter/release-drafter@v6, and toshimaru/auto-author-assign@v2.1.1. These are standard tools for automating repository tasks.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted user input and interpolates it into shell commands without explicit sanitization or boundary markers.
Ingestion points: User-provided strings (e.g., feature titles, descriptions, goals) are used to populate arguments in gh issue create, gh milestone create, and gh release create within SKILL.md.
Boundary markers: No delimiters or instruction-override warnings are present to isolate user data from the command context.
Capability inventory: The skill leverages the gh CLI tool across all scripts (e.g., SKILL.md, references/tooling.md), which has the capability to modify repository state, manage releases, and manipulate repository metadata.
Sanitization: There is no evidence of input validation or escaping for shell-sensitive characters in the provided instructions.

github-scrum