The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/impact_detector.py uses subprocess.run to execute git commands (git diff and git merge-base). These operations are used to identify changed files and determine the impact on monorepo packages. While the execution uses argument lists rather than shell strings, it represents a direct interface with the host system's CLI.
[EXTERNAL_DOWNLOADS]: The skill references and encourages the installation of external dependencies from public registries, including the @changesets/cli and @changesets/changelog-github NPM packages. It also provides instructions for using remote caching services provided by Vercel and Nx Cloud, as well as a third-party Docker image (ducktape/turborepo-remote-cache) for self-hosted caching.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of untrusted repository data.
Ingestion points: The scripts scripts/package_analyzer.py and scripts/impact_detector.py read and parse data from package.json files (including package names, descriptions, and script keys) and git history (filenames).
Boundary markers: The scripts do not implement specific boundary markers or 'ignore' instructions when outputting parsed metadata for the agent to process.
Capability inventory: The skill includes the capability to execute shell commands via the git binary and manages environment variables for CI/CD pipelines.
Sanitization: There is no evidence of sanitization or verification of the content within the package.json files or git refs before they are processed by the agent's logic.
[METADATA_POISONING]: The SKILL.md file contains misleading metadata. The Maintainer field is explicitly set to 'Claude Skills Team', which contradicts the provided author attribution ('borghei'). This impersonation of an official platform team is deceptive and may lead users or agents to overestimate the safety and authority of the skill's content.

monorepo-navigator