The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it is designed to read, analyze, and act upon the output of external tools. * Ingestion points: Test failure logs from 'pytest' and repository status from 'git status' are processed as described in 'instructions.md' and 'SKILL.md'. * Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands when processing these outputs. * Capability inventory: The skill has the capability to execute shell commands, install software via pip, and perform remote Git operations. * Sanitization: No sanitization or validation of the ingested tool output is performed before it is used to guide the agent's actions.
[COMMAND_EXECUTION]: The workflow executes powerful Git commands, including 'git rebase' and 'git push --force-with-lease', which are necessary for CI remediation but perform significant modifications to the repository history.
[EXTERNAL_DOWNLOADS]: The skill performs package installations and fetches configurations from external sources. It installs the 'pre-commit' package from PyPI and retrieves Git hook configurations from well-known repositories belonging to the 'pre-commit' and 'astral-sh' organizations on GitHub.

devtu-github