create-issues

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash(gh:*) and Bash(git:*) tools to execute repository analysis and management commands. Specific commands used include git status, git branch, gh issue list, gh auth status, and gh label create. These commands are integral to the skill's primary function of managing development workflows on GitHub.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted content from the repository environment. During Phase 1, the agent reviews open issues via gh issue list to identify duplicates. A malicious actor could create a GitHub issue with a title containing instructions designed to manipulate the agent's logic.
      • Ingestion points: Data enters the context from the output of gh issue list in SKILL.md.
      • Boundary markers: There are no explicit delimiters or instructions to help the agent distinguish between data from the issue list and its internal operational guidelines.
      • Capability inventory: The skill possesses the capability to execute shell commands through gh and git, which could be exploited to perform unauthorized repository modifications.
      • Sanitization: The skill does not implement validation or sanitization of external data before processing it as part of its decision-making logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 02:12 AM