skills/nvidia/megatron-lm/cicd/Gen Agent Trust Hub

cicd

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to read and process external data from GitHub Pull Requests and CI logs, which establishes an indirect prompt injection surface.
  • Ingestion points: Commands such as gh pr view, gh pr diff, and gh run download in SKILL.md are used to fetch potentially attacker-controlled content from GitHub.
  • Boundary markers: The instructions do not define specific delimiters to isolate external content from the prompt instructions.
  • Capability inventory: The skill provides access to shell commands including git, gh, python, grep, wc, sed, and cat for data processing and system interaction.
  • Sanitization: No explicit validation or filtering of external data is mentioned.
  • [COMMAND_EXECUTION]: The skill defines a set of shell commands for repository management and CI/CD debugging, such as configuring git remotes, executing local scripts (tools/trigger_internal_ci.py), and using the gh CLI for workflow monitoring. These operations are legitimate and align with the skill's purpose as a developer reference.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 07:07 AM