The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes untrusted data from the repository environment into shell commands.
Ingestion points: File paths identified via git diff --name-only and commit history via git log.
Boundary markers: Absent; no instructions are provided to the agent to ignore instructions embedded in the processed data.
Capability inventory: Extensive shell execution capabilities including git, npx, ruff, and black.
Sanitization: Absent; file paths and commit messages are interpolated directly into shell command strings without escaping or validation.
[COMMAND_EXECUTION]: The skill executes a wide range of shell commands to manage the development workflow.
Evidence: Uses git for stashing, branching, and syncing; executes npx, ruff, and black for code quality checks on modified files.
[EXTERNAL_DOWNLOADS]: The workflow relies on npx, which can download and execute packages from the npm registry.
Evidence: npx eslint <modified-file> and npx prettier --check <modified-file> will attempt to run tools that may be fetched from remote sources if not present locally.
[DATA_EXFILTRATION]: Performs network operations to interact with the remote repository origin.
Evidence: Uses git pull origin main to fetch updates and git push -u origin <branch-name> to upload local changes.

prepare-pull-request