release-guard

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a protective layer to ensure release integrity by enforcing mandatory checks on PR merge state and CI success before allowing tagging or deployment operations.
  • [COMMAND_EXECUTION]: The skill utilizes standard developer tools (gh, git, cargo) to interact with the repository. All commands are consistent with the skill's stated purpose of release management and do not involve unauthorized file access or external network exfiltration.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it processes untrusted data from GitHub PRs and CI runs. However, the risk is minimized by the skill's logic.
    • Ingestion points: Repository metadata retrieved via gh pr view and gh run list in SKILL.md and ci-reference.md.
    • Boundary markers: Absent; the skill does not use explicit delimiters for the external data.
    • Capability inventory: The agent can perform git tag, gh release create, and cargo release commands.
    • Sanitization: The skill instructs the agent to validate specific JSON fields (state, status, conclusion) rather than acting on free-form text, which effectively mitigates typical instruction injection attempts hidden in PR descriptions or workflow names.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 08:44 PM