gh-fix-ci

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • Privilege Escalation (HIGH): The skill instructs the agent to request escalated GitHub scopes (workflow and repo) and specifically suggests overriding sandbox restrictions using the 'sandbox_permissions=require_escalated' flag. The workflow scope is particularly dangerous as it allows the modification of GitHub Actions configurations, potentially leading to CI/CD pipeline takeover.
  • Indirect Prompt Injection (LOW): The skill ingests untrusted GitHub Actions logs and uses them to formulate a fix plan and implement code changes.
    1. Ingestion points: Log fetching via 'gh run view --log'.
    2. Boundary markers: Absent; there are no instructions to delimit or sanitize log content.
    3. Capability inventory: The skill has the capability to write files and execute shell commands.
    4. Sanitization: Absent.
  • Command Execution (MEDIUM): The skill executes a bundled script (inspect_pr_checks.py) and various 'gh' CLI commands, including direct API calls, which interact with the repository and remote host.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:45 PM