The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes content from conflicted files which could potentially contain instructions aimed at manipulating the agent's output (Indirect Prompt Injection). However, the risk is minimized as the skill specifically focuses on resolving text markers and requires the user to manually execute final commands, preventing the agent from performing unauthorized actions autonomously.
[COMMAND_EXECUTION]: The skill manages git workflows but includes a strong safety boundary by explicitly instructing the agent not to execute critical git commands (such as git add, git rebase --continue, or git merge --abort) itself. It instead generates these commands for the user to review and run, ensuring human-in-the-loop verification.
[DATA_EXFILTRATION]: The skill accesses the .git directory to identify the state of the repository (e.g., detecting MERGE_HEAD or CHERRY_PICK_HEAD). This is a legitimate use of repository metadata to determine the context of the conflict and does not involve accessing sensitive credentials or transmitting data to external servers.

resolve-conflicts