skills/getsentry/skills/create-pr/Gen Agent Trust Hub

create-pr

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
Full Analysis
  • PROMPT_INJECTION (SAFE): The skill processes untrusted data from local git history and diffs to generate pull request descriptions. While this provides an attack surface for indirect prompt injection, the risk is negligible given that the context is a local development environment and the output is a descriptive summary for human review.
      • Ingestion points: Output from git log, git diff, and gh repo view.
      • Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions embedded within code changes.
      • Capability inventory: Pull request creation and API calls via the gh CLI.
      • Sanitization: Absent; the model interprets raw code diffs to produce technical summaries.
  • COMMAND_EXECUTION (SAFE): The skill utilizes git and gh commands for their intended purposes. All command strings are standard for repository management and do not include high-risk flags, privilege escalation attempts, or unauthorized network calls.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 07:24 AM