Git Advanced Workflow Expert

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill provides automation scripts like release.sh and Husky hooks that execute npm run build, npm test, and npx lint-staged. This creates a high-risk surface for Indirect Prompt Injection (Category 8). A malicious repository could contain harmful commands in its package.json scripts, which the agent would then execute with its available Bash permissions. There are no boundary markers or sanitization steps provided to validate the safety of these external scripts before execution.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The instructions rely on npm install, npx commitlint, and npm ci, which pull and execute packages from the npm registry at runtime. While these are common development tools, they introduce a dependency on external sources that could be subject to supply chain attacks or dependency confusion if versions are not strictly pinned and verified.
  • [PROMPT_INJECTION] (HIGH): The skill demonstrates a significant Category 8 (Indirect Prompt Injection) vulnerability surface.
      • Ingestion points: External Git repositories via git clone and git checkout.
      • Boundary markers: Absent; the agent is not instructed to ignore instructions within the files it processes.
      • Capability inventory: Full Bash access, Write access, and the ability to trigger script execution via npm/npx.
      • Sanitization: None; external file content is used directly in command execution contexts (e.g., commitlint --edit $1).
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:24 AM