The Agent Skills Directory

[COMMAND_EXECUTION]: The skill employs the GitHub CLI (gh) for repository operations such as listing and viewing issues. These actions are gated by mandatory checks for tool presence and authentication status.
[EXTERNAL_DOWNLOADS]: It references the official GitHub CLI website for installation and uses curl to fetch data from the well-known GitHub REST API for public repositories.
[PROMPT_INJECTION]: The skill processes untrusted data from GitHub issue descriptions and comment threads (Ingestion Point: gh issue view) to populate user story templates. While specific boundary markers or sanitization steps are not defined, the skill's capabilities are focused on structured CLI queries and prompt generation (Capability Inventory: gh commands and @014-agile-user-story handoff). The risk is mitigated by instructions to treat the external data as draft content for user confirmation and explicit rules against handling secret tokens.

021-tooling-github