github-dependabot-report

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/dependabot_report.py executes the GitHub CLI (gh) via subprocess.run to interact with the GitHub API. This is a legitimate use for fetching security alert data and repository metadata. The commands are constructed using argument lists without a shell, which mitigates standard command injection risks.
  • [PROMPT_INJECTION]: The scripts/run-report.mjs utility passes generated report data to an LLM, creating an indirect prompt injection surface. Ingestion point: Data from GitHub Dependabot API is read into report.md and then processed by scripts/run-report.mjs. Boundary markers: Absent; the prompt uses a simple delimiter. Capability inventory: The skill uses subprocess.run in scripts/dependabot_report.py to call the GitHub CLI and fetch in scripts/run-report.mjs to send data to Slack. Sanitization: Absent. This is assessed as a low-risk surface inherent to the tool's functionality.
  • [DATA_EXFILTRATION]: While the skill accesses security alerts and sends data to Slack, all operations are performed within the user's configured environment (using user-provided GitHub tokens and Slack webhooks). No unauthorized data transmission to third-party domains was detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 15, 2026, 08:26 AM