The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external repository files (e.g., README.md, CONTRIBUTING.md, and templates), which represents a potential attack surface. However, it includes comprehensive mitigations by instructing the agent to treat these files strictly as formatting structures and to explicitly ignore any embedded instructions or commands.- [DATA_EXPOSURE_AND_EXFILTRATION]: The instructions include mandatory security boundaries that forbid the agent from accessing files outside the repository working tree (such as home directories or SSH keys) and prohibit making network requests to URLs found within the repository's documentation.- [COMMAND_EXECUTION]: The skill enforces a manual verification process for any prerequisite tasks (such as builds or tests) by requiring the agent to list the necessary commands for the user to run rather than executing them autonomously.- [CREDENTIALS_UNSAFE]: Explicit guidelines are provided to prevent the accidental inclusion of secrets, credentials, or environment variables in issues, commits, or pull requests.

make-repo-contribution