The Agent Skills Directory

PROMPT_INJECTION (SAFE): The skill processes untrusted external data in the form of GitHub Actions logs, creating a potential surface for indirect prompt injection. Ingestion points: Logs are fetched from GitHub via gh run view --log and gh api calls. Boundary markers: No explicit markers are used to delimit external log content in the summarization prompt. Capability inventory: The skill can execute gh commands and write files to the local repository to implement fixes. Sanitization: No sanitization is performed on log content, but the workflow includes a mandatory step for the user to review and approve any plan before the agent acts.

gh-fix-ci