dev-cycle
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured guidance for standard development workflows and does not contain any evidence of obfuscation, malicious instructions, or unauthorized data access.
- [COMMAND_EXECUTION]: The skill makes extensive use of git and platform-specific CLI tools (gh, glab, tea) to perform repository operations, which is consistent with its stated purpose as a workflow 'glue' skill.
- [EXTERNAL_DOWNLOADS]: The documentation references official command-line tools from trusted providers (e.g., GitHub, GitLab) as optional prerequisites to be installed by the user if missing.
- [PROMPT_INJECTION]: The skill exhibits a potential attack surface for indirect prompt injection as it ingests untrusted repository data.
  1. Ingestion points: Reads local project files including README.md, CHANGELOG.md, and git logs (SKILL.md, finish.md).
  2. Boundary markers: No explicit markers are used to delimit untrusted content from internal instructions.
  3. Capability inventory: Accesses sensitive operations such as git push and release creation (finish.md).
  4. Sanitization: Relies on non-executable text processing tools like awk, sed, and grep for data extraction, reducing the risk of direct instruction execution.
Audit Metadata