The Agent Skills Directory

[DATA_EXFILTRATION]: The skill instructs the agent to upload screenshots to an S3 bucket using the --acl public-read flag. This configuration makes the evidence publicly accessible on the internet, which can lead to the accidental exposure of sensitive internal system information or proprietary UI designs.- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by instructing the agent to ingest and process untrusted external data, such as test runs and reproduction steps, into the context of PR descriptions. * Ingestion points: SKILL.md (Bugfix and Feature templates). * Boundary markers: Absent. * Capability inventory: Bash, Write, Read. * Sanitization: Absent.- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute aws s3 and git commands. These commands depend on environment variables like $AWS_BUCKET and $REPO. While these are part of the intended workflow, executing shell commands constructed from environment-derived strings can be risky if those variables are manipulated or contain unexpected content.

create-compelling-prs