gh-project-issue-loop

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple GitHub CLI (gh) commands to manage project items and authentication. Actions include checking auth status, refreshing tokens with the 'project' scope, viewing project details, listing items, and editing issue assignees. These are standard operations for a GitHub management tool.
  • [EXTERNAL_DOWNLOADS]: Fetches metadata and item lists from GitHub's servers via the gh tool. These network operations target a well-known service (GitHub) and are consistent with the skill's primary purpose.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external data (issue metadata and URLs) from GitHub.
      • Ingestion points: GitHub project items retrieved via gh project item-list in SKILL.md.
      • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions in issue content are present.
      • Capability inventory: Includes gh issue edit in SKILL.md and the ability to trigger the $gh-issue-to-pr skill.
      • Sanitization: No explicit sanitization of issue metadata is performed before resolving repo names and issue numbers. However, the risk is minimal as the data is used for structured identifiers.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 12:41 PM