The Agent Skills Directory

[DATA_EXFILTRATION]: The skill features an 'Auto Mode' (enabled by default in config.yaml) that automatically executes git add -A followed by git push. If sensitive files such as .env or configuration secrets are present in the workspace and not explicitly ignored via .gitignore, they will be automatically committed and exfiltrated to the remote repository without user confirmation.
[COMMAND_EXECUTION]: The skill executes multiple shell commands to interact with the Git version control system, including git add, git commit, git push, and git log. These are executed in the user's local environment to perform the skill's primary functions.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8). It reads the output of git diff and git status to generate commit messages. Malicious instructions embedded in the source code being analyzed (e.g., in code comments or strings) could influence the agent's behavior during the commit process.
Ingestion points: git status --porcelain, git diff, git ls-files, and git log -n 5 --pretty=%s (referenced in SKILL.md).
Boundary markers: None. There are no explicit instructions or delimiters used to tell the AI to ignore instructions contained within the diff data.
Capability inventory: The skill can perform file staging (git add), local commits (git commit), and remote synchronization (git push).
Sanitization: No sanitization or filtering is performed on the content of the Git diffs before processing.
[EXTERNAL_DOWNLOADS]: The README.md file contains numerous external links to various platforms including Reddit, Medium, DataCamp, and Anthropic's official documentation. While these appear to be for informational purposes and target well-known services, they increase the external surface area of the skill's documentation.

git-commit