The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands including git status, git diff, git add, and git commit. These operations interact directly with the local repository and filesystem to automate the development workflow.
[PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) because it processes untrusted data from source code changes. Ingestion points: Untrusted data enters the agent context through the WBS modal text input and the output of git diff. Boundary markers: There are no explicit delimiters used to encapsulate the diff content or instructions to the LLM to ignore embedded commands within the code. Capability inventory: The skill has the capability to modify the repository state using git add and git commit. Sanitization: No validation or sanitization is performed on the diff content or WBS text before it is analyzed by the agent. A partial mitigation is present in Step 6, which requires user selection and confirmation before a commit is executed.

review-and-commit-msg