The Agent Skills Directory

[SAFE]: The skill leverages the official GitHub CLI (gh), which is a widely recognized and trusted tool for interacting with GitHub repositories.
[COMMAND_EXECUTION]: The skill executes gh commands for managing issues. It explicitly includes human-in-the-loop requirements, instructing the agent to present a summary and request user confirmation before performing any operations that create or modify data (SKILL.md).
[PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface as it reads and processes external data. 1. Ingestion points: Issue metadata and bodies are retrieved using gh issue view, gh issue list, and gh search issues (SKILL.md). 2. Boundary markers: The instructions do not define specific delimiters to isolate external issue content from the agent's internal logic. 3. Capability inventory: The agent can perform write actions including gh issue create, gh issue edit, and gh issue comment (SKILL.md). 4. Sanitization: There is no evidence of sanitization or filtering of the content retrieved from GitHub. This vulnerability surface is mitigated by the requirement for explicit user approval before the agent takes action based on processed data.

github-issues