orchestrating-github-workflow

Warn

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The preflight-checker-manifest.md file recommends the installation of multiple downstream skills from various individual GitHub repositories, such as obra/superpowers/writing-plans, softaworks/agent-toolkit/commit-work, and sickn33/antigravity-awesome-skills/clean-code. These repositories are not associated with trusted organizations or well-known services.
  • [PROMPT_INJECTION]: The skill architecture presents an attack surface for indirect prompt injection (Category 8).
      • Ingestion points: Untrusted content from GitHub issues and comments is fetched and stored in docs/<ISSUE_SLUG>.md by the fetching-github-issue skill for processing.
      • Boundary markers: The artifact-validator.md subagent checks for specific Markdown sections but does not implement robust delimiters or instructions to ignore embedded commands within the fetched issue data.
      • Capability inventory: The orchestrator dispatches tasks that can create GitHub issues (creating-github-child-issues), perform git commits, and execute code changes (executing-github-task).
      • Sanitization: No evidence of explicit sanitization or filtering of external content was found in the provided orchestration logic.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the GitHub CLI (gh) and the git CLI for repository and issue management. While necessary for the skill's function, these tools provide a broad range of capabilities over the user's environment.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 17, 2026, 09:12 AM