git-ape-onboarding

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates complex workflows using the Azure CLI (az) and GitHub CLI (gh). It performs actions such as creating Entra ID app registrations, assigning RBAC roles, and configuring GitHub environments and secrets. It also uses shell and PowerShell commands to rename files in the .github/workflows directory.
  • [SAFE]: The documented behavior is consistent with the skill's stated purpose and with the capabilities expected of the Azure vendor. The skill includes explicit security rules, such as prohibiting the printing of secrets and requiring user acknowledgment before activating deployment workflows.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from external API responses.
    - Ingestion points: Metadata from the GitHub API (repository and owner IDs) is retrieved in Step 2 of the playbook.
    - Boundary markers: Absent; metadata is directly interpolated into OIDC subject strings.
    - Capability inventory: The skill has extensive permissions to execute system commands and modify repository files.
    - Sanitization: No explicit validation or escaping is performed on the data returned from the GitHub API prior to its use in configuration.
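As an added example (not code from the audited skill or from the Gen Agent Trust Hub), this is the kind of allow-list check the finding above says is missing: the numeric IDs and names read from the GitHub API are validated before anything is interpolated into a federated-credential subject. It assumes GitHub's documented OIDC subject layout `repo:<owner>/<repo>:environment:<env>`; the allow-list regexes are a deliberately conservative assumption, stricter than GitHub's own naming rules, and the sample IDs and names are constructed for the example.

```shell
#!/bin/sh
# Added example (not code from the audited skill): validate GitHub metadata
# before it is interpolated into an Azure federated-credential subject.
# repo:<owner>/<repo>:environment:<env> is GitHub's documented OIDC subject
# form; the allow-lists below are a conservative assumption, stricter than
# GitHub's own naming rules.

# Allow-lists (assumption): names are letters, digits, '.', '_' and '-',
# starting alphanumeric; API-returned IDs must be digits only.
NAME_RE='^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$'
ID_RE='^[0-9]{1,20}$'

NL='
'

# matches STRING REGEX: exit 0 only when the whole single-line STRING matches.
# A string containing a newline is rejected outright; otherwise grep would
# test it line by line and let an injected extra line through.
matches() {
    case "$1" in
        *"$NL"*) return 1 ;;
    esac
    printf '%s' "$1" | grep -Eq "$2"
}

# check_repo_metadata REPO_ID OWNER_ID: the IDs the skill reads from the
# GitHub API must be digits only before they are used anywhere.
check_repo_metadata() {
    matches "$1" "$ID_RE" && matches "$2" "$ID_RE"
}

# build_oidc_subject OWNER REPO ENV: print the federated-credential subject,
# or print nothing and return 1 if any component fails the allow-list.
# Nothing untrusted reaches the format string before it has been checked.
build_oidc_subject() {
    for part in "$1" "$2" "$3"; do
        if ! matches "$part" "$NAME_RE"; then
            printf 'refusing to build subject: unexpected characters in "%s"\n' "$part" >&2
            return 1
        fi
    done
    printf 'repo:%s/%s:environment:%s\n' "$1" "$2" "$3"
}

# Constructed sample values standing in for `gh api repos/<owner>/<repo>`
# output; they are made up for this example.
SAMPLE_REPO_ID='123456789'
SAMPLE_OWNER_ID='987654'

if check_repo_metadata "$SAMPLE_REPO_ID" "$SAMPLE_OWNER_ID"; then
    build_oidc_subject 'contoso' 'payments-api' 'production'
fi

# A crafted repository value that smuggles an extra subject segment is refused:
build_oidc_subject 'contoso' 'payments-api:environment:staging' 'production' || true
```

The subject is compared as a string by the relying party, so a component that smuggles an extra `:` segment changes which GitHub identity the federated credential trusts; refusing the value and failing the onboarding step is safer than escaping it, because there is no legitimate owner, repository or environment name the allow-list rejects that the script should ever be configuring.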
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 08:30 PM