blueprint-derive-tests

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to analyze the local repository. It executes shell pipelines involving git log, git diff-tree, grep, and find to extract commit metadata and identify file changes. These commands use variables derived from user arguments and git history.
  • [COMMAND_EXECUTION]: In Step 7, the jq utility is used to update a local JSON manifest. The command string is constructed by interpolating runtime variables (like commit counts and SHAs) directly into the shell execution context.
  • [PROMPT_INJECTION]: The skill processes external data (git commit messages and file paths) that could be controlled by an attacker who has contributed to the repository. This represents an indirect prompt injection surface if the agent interprets commit subjects as instructions during the reporting phase.
      • Ingestion points: Git commit subjects and file lists are extracted via git log and git diff-tree in Steps 4 and 5.
      • Boundary markers: No specific delimiters or "ignore" instructions are used when passing commit data into the agent's context for reporting or classification.
      • Capability inventory: The skill possesses the Bash, Write, and Task capabilities, allowing for system command execution and file modification.
      • Sanitization: There is no explicit logic described to sanitize or escape commit messages before they are processed by the agent or included in shell commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 06:47 PM