The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes shell commands to inspect the repository (e.g., git log, git diff) and runs local build or test tools (e.g., npm, cargo, go) to verify the project's state. These commands are typical for a development workflow and are triggered based on the presence of standard project manifest files.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads data from git logs and source code diffs which may contain untrusted content. However, the risk is minimal because the skill's logic focuses on summarizing this data into a text file rather than using it to drive sensitive or autonomous logic.
Ingestion points: Data is ingested from shell command outputs including git log and git diff as seen in SKILL.md.
Boundary markers: The handoff document uses markdown headers for structure, but does not include explicit delimiters to isolate untrusted data from the agent's instructions.
Capability inventory: The skill has access to the Bash tool for running git and build commands, and the Write tool for creating the handoff file.
Sanitization: The skill includes a step to sanitize user-provided arguments into a safe kebab-case format for file system paths, reducing the risk of path traversal or command injection via arguments.

create-handoff