The Agent Skills Directory

[PROMPT_INJECTION]: The skill includes documentation in references/allowlist.md that provides strategies to circumvent agent security controls. It instructs users to configure broad prefix-based allowlists for powerful CLI tools (gh and glab) and specifically details how to format commands to evade pattern-matching restrictions, which reduces human oversight for high-privilege operations.- [PROMPT_INJECTION]: This skill is susceptible to indirect prompt injection. It retrieves and interprets content from external sources such as pull request comments and descriptions (Ingestion points: SKILL.md and references/pr-comment-workflow.md). It lacks boundary markers or sanitization processes to differentiate between legitimate feedback and malicious instructions. Given the skill's capabilities to commit code and merge PRs (Capability inventory: gh pr merge, glab mr merge), this represents a significant attack surface.- [COMMAND_EXECUTION]: The skill relies extensively on complex shell command execution and subshell substitutions using the GitHub and GitLab CLI tools to manage repositories and automate review workflows.

git-pr