The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill checks out code from GitHub Pull Requests using gh pr checkout and subsequently executes it via pnpm debug. Because Pull Requests can be created by external parties, this workflow results in the execution of unverified code on the host system.
[PROMPT_INJECTION]: The skill is exposed to indirect prompt injection through the processing of untrusted PR data. * Ingestion points: PR titles, bodies, and changed files retrieved via gh pr list and gh pr view in SKILL.md. * Boundary markers: None; the skill does not use delimiters or instructions to ignore embedded commands within the PR data. * Capability inventory: The skill can execute shell commands (pnpm, git, pkill), manage processes, and perform browser automation (agent-browser). * Sanitization: No sanitization or validation is performed on the content of the PR before it is used to influence the agent's testing actions.
[COMMAND_EXECUTION]: The skill performs broad process termination using pkill -f and kill -9 on specific ports and process names. While intended for environment cleanup, these operations can affect unrelated system processes.

cherry-pr-test