fusion-github-review-resolution

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests and processes untrusted pull request comments from GitHub, which introduces a surface for indirect prompt injection. This risk is mitigated by explicit instructions requiring the agent to critically research each comment's validity against the code and requirements and to escalate ambiguous feedback to the user.
  • [COMMAND_EXECUTION]: The skill executes git commands and repository-specific validation checks. It implements security best practices by instructing the agent to use argv-based process execution instead of shell-interpolated strings to prevent command injection vulnerabilities during the remediation process.
  • [EXTERNAL_DOWNLOADS]: The skill fetches pull request metadata and review thread content from GitHub's official API using the GitHub CLI (gh) and bundled GraphQL assets. These operations are restricted to established GitHub services as part of the skill's primary function.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 08:11 AM