The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts scripts/commit_linter.py and scripts/generate_changelog.py utilize subprocess.run to invoke the git log command. The implementation correctly passes arguments as a list and does not enable shell execution, effectively mitigating shell injection risks. This functionality is essential for the skill's primary purpose of analyzing commit history.- [INDIRECT_PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data (commit messages) and rendering it into files or terminal output. Ingestion points: Commit data is sourced from git log output, standard input, or user-specified files in both Python scripts. Boundary markers: No specific delimiters or instructions are used to neutralize potential instructions embedded within commit subjects. Capability inventory: The skill possesses the ability to execute git commands and write to local files via the --write flag in generate_changelog.py. Sanitization: While the scripts use regular expressions to validate the format of commit messages, the descriptive summary portion of the commit is processed and output without further sanitization.- [SAFE]: The skill demonstrates best practices for local utility scripts, such as using standard libraries, avoiding external dependencies, and implementing clear error handling for file and command operations.

changelog-generator