ln-910-community-engagement

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from multiple sources including GitHub discussions, issues, PRs, and project-local files like CHANGELOG.md and docs/community_engagement_strategy.md.
  • Ingestion points: Data is gathered via gh api graphql, git log, and reading local files (CHANGELOG.md, docs/community_engagement_strategy.md).
  • Boundary markers: The instructions do not define clear delimiters or "ignore" directives to prevent the agent from obeying instructions embedded in the analyzed community content.
  • Capability inventory: The skill utilizes the Bash tool to execute shell commands and the Skill tool to delegate tasks to other worker skills.
  • Sanitization: There is no evidence of sanitization or validation of the content retrieved from GitHub or local documentation before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill includes a fallback mechanism to fetch reference files and templates from the author's GitHub repository (https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/) using the WebFetch tool if local files are missing.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to interact with the system, specifically executing gh (GitHub CLI) for API queries and git for log analysis and changelog inspection.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 07:59 PM