The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The collect-diagnostics.sh script executes git remote get-url origin to gather repository metadata. In many development environments and CI systems, Git remote URLs contain embedded Personal Access Tokens (PATs) or other authentication secrets, which would be exposed in the diagnostic output.
[COMMAND_EXECUTION]: The skill instructs the agent to execute a local shell script (bash collect-diagnostics.sh) and various CLI tools like git and gh. This execution pattern is used to perform system reconnaissance and gather forensic data from the local environment.
[PROMPT_INJECTION]: The skill is designed to process untrusted data from external sources, presenting an Indirect Prompt Injection surface.
Ingestion points: The skill reads error messages, stack traces, and CI logs (e.g., via gh run view in references/specialized-patterns.md).
Boundary markers: The instructions do not specify the use of delimiters or boundary markers when ingesting logs into the prompt context.
Capability inventory: The agent has access to subprocess execution (bash, git, gh) and file system access.
Sanitization: The skill includes a positive security instruction in SKILL.md to strip hostnames, IPs, and customer data before performing external searches, which mitigates some privacy risks.

debugging