release-manager

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input from git logs and release plans which could be used to deliver malicious instructions to the agent.
      • Ingestion points: The scripts changelog_generator.py, version_bumper.py, and release_planner.py ingest external data from command-line inputs and files.
      • Boundary markers: Absent. The skill does not implement delimiters or safety instructions to distinguish between its own logic and data processed from external sources.
      • Capability inventory: The skill is designed to generate shell commands and documentation that an AI agent may attempt to execute or adopt as ground truth.
      • Sanitization: The logic preserves the original content of commit messages and feature descriptions without sanitization.
  • [SAFE]: The script release_planner.py contains a runtime error in the _calculate_rollback_time method where it calls the re module without an accompanying import re statement. This is a quality issue and does not pose a security risk.
  • [SAFE]: All scripts utilize only the Python standard library, and the mentioned integrations with third-party services like DataDog or Slack are documented for informational purposes without including dangerous execution logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 11:12 AM