ah-create-pr

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local build scripts using pnpm preflight and pnpm preflight:build. These commands execute code defined within the project repository, which could perform arbitrary actions on the host system.
  • [COMMAND_EXECUTION]: Performs Git and GitHub CLI operations (git push, gh pr create), involving authenticated network communication with remote servers.
  • [DATA_EXFILTRATION]: Explicitly accesses and compares .env* files in the repository root. Since these files are standard locations for storing credentials, API keys, and other secrets, processing their content in an LLM context creates a risk of sensitive data exposure or leakage into the generated PR description.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through the processing of untrusted repository data.
    • Ingestion points: Git diffs, commit messages, and issue context.
    • Boundary markers: Absent; the skill interpolates raw diff and commit data directly into the PR generation instructions without delimiters or safety markers.
    • Capability inventory: Includes shell command execution (pnpm), file system access (.env), and network operations (git, gh).
    • Sanitization: None; the skill does not sanitize or validate the content of commits or diffs before processing.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 25, 2026, 09:51 AM