The Agent Skills Directory

[PROMPT_INJECTION]: No malicious injection patterns detected. The skill features an 'AI Self-Check' section that reinforces agent safety guidelines, specifically instructing the agent to avoid destructive operations, verify authorship, and ensure no secrets are committed.
[DATA_EXPOSURE]: The skill actively promotes secure data handling. It includes instructions for using OS-native credential helpers and 1Password for SSH keys, and provides detailed procedures for removing sensitive data from git history using git-filter-repo.
[EXTERNAL_DOWNLOADS]: All external tools referenced (such as gh, glab, forgejo-cli, and gitleaks) are sourced from official or well-known repositories on GitHub and Codeberg. These are documented for legitimate developer setup and do not involve untrusted third-party sites.
[REMOTE_CODE_EXECUTION]: No remote code execution patterns found. Documentation for CLI tools and API interactions follows standard security practices without employing dangerous patterns like piping remote scripts to a shell.
[COMMAND_EXECUTION]: While the skill heavily utilizes shell commands for git operations, it mandates explicit user confirmation for any destructive command (e.g., reset --hard, push --force) and encourages the use of safer alternatives like --force-with-lease.
[INDIRECT_PROMPT_INJECTION]: The skill acknowledges the risks of processing external git data and provides mitigations, such as mandatory review of staged changes (git diff --cached) and checking for AI-generated artifacts before committing.
[DYNAMIC_EXECUTION]: Uses legitimate git features such as git bisect run for automated testing and git-filter-repo for history maintenance. These are used for their intended purposes and do not incorporate untrusted external input into runtime code assembly.

git