p-blog-post-mining

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a bundled Python script (scripts/skillctx-resolve.py) to manage local configuration and path bindings for the skill's operation.
  • [COMMAND_EXECUTION]: Utilizes the gh CLI to perform authenticated queries against the GitHub GraphQL API for retrieving repository activity.
  • [PROMPT_INJECTION]: Ingests potentially untrusted content from GitHub pull requests and Slack messages. This creates an indirect prompt injection surface.
    1. Ingestion points: Content is pulled from GitHub PR bodies, Slack discussions, and meeting transcripts in Step 1.
    2. Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external content as untrusted data.
    3. Capability inventory: The agent has the ability to execute shell commands (gh, python) and write files to the local filesystem ({blog_drafts_dir}).
    4. Sanitization: The skill provides instructions for the agent to sanitize company-specific details and paraphrase text for privacy, but lacks technical controls to prevent instruction injection.
  • [SAFE]: The skill accesses sensitive personal data sources like session history and private messages, but this access is intrinsic to the tool's primary purpose and is governed by explicit confirmations in the metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 02:44 AM