skills/luisurrutia/skills/pr/Gen Agent Trust Hub

pr

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE · COMMAND_EXECUTION · DATA_EXFILTRATION · PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill utilizes local shell commands (git, gh) to inspect repository state, view branches, and push changes. These operations are required for the skill's primary purpose.
  • DATA_EXFILTRATION (SAFE): While the skill reads repository data via git diff, it implements a comprehensive exclusion list for sensitive file types (e.g., .pem, .key, .crt, .p12) to prevent credentials from being included in the AI's context.
  • PROMPT_INJECTION (LOW):
    • Ingestion points: The skill ingests untrusted data from git log and git diff in SKILL.md.
    • Boundary markers: Absent. The skill does not use specific delimiters or warnings to ignore instructions within the ingested code or commit messages.
    • Capability inventory: The skill can perform write actions including git push and gh pr create.
    • Sanitization: The skill includes a 'Single confirmation' step (Step 4) that requires the user to approve the PR title, description, and the push/create actions before execution, which serves as a human-in-the-loop safeguard.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 01:20 PM