The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute a variety of shell commands to manage directories, manipulate git state, and detect project configurations. This includes automated modification of the .gitignore file and subsequent commits.
[REMOTE_CODE_EXECUTION]: The skill triggers the execution of project-defined setup commands and test suites, such as npm install, cargo build, pip install, and pytest. These operations execute code defined within the repository being worked on and may download external dependencies from official registries.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes untrusted data from the repository.
Ingestion points: Project configuration files (package.json, Cargo.toml, requirements.txt, etc.), CLAUDE.md preferences, and branch names provided via context.
Boundary markers: Absent; the agent directly incorporates file contents into its decision logic and shell commands.
Capability inventory: Full shell execution capability for git operations, dependency management, and test runners.
Sanitization: The skill does not specify sanitization or validation of the repository's internal scripts or the variables (like branch names) before they are used in shell commands.

using-git-worktrees