retrospective-artifacts
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/fetch_github_context.py uses subprocess.run to invoke the GitHub CLI (gh api). The command arguments are constructed from identifiers extracted via strict regular expressions, and the use of a command list with subprocess.run (without shell=True) prevents shell injection attacks.
- [EXTERNAL_DOWNLOADS]: The skill downloads content from well-known platforms (GitHub, Jira, and Mattermost). These network operations target official APIs, use authenticated requests via environment variables, and are necessary for the skill's documented purpose.
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources, presenting an indirect prompt injection surface. Ingestion points: External issue bodies, comments, and chat threads are fetched and saved to the .retrospectives/ directory. Boundary markers: No explicit markers or 'ignore' instructions are used to delimit external content within the markdown artifacts. Capability inventory: The skill has capabilities for network access (requests), command execution (gh CLI), and local filesystem writes. Sanitization: External content is rendered directly into markdown without sanitization for potential embedded instructions.
Audit Metadata