merge-pr-check
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill retrieves and evaluates untrusted content from Gitee pull request comments and descriptions, creating an attack surface for indirect prompt injection.
  * Ingestion points: PR metadata, reviewer comments (list_pull_comments), and code diffs (get_diff_files) are ingested via Gitee MCP tools (SKILL.md, Steps 1-3).
  * Boundary markers: The skill lacks explicit delimiters or instructions to ignore commands embedded within the external PR data.
  * Capability inventory: The skill possesses the merge_pull capability (SKILL.md, Step 5), which allows it to modify repository state based on the processed input.
  * Sanitization: No sanitization, validation, or instruction filtering is performed on the data retrieved from the Gitee platform.
Audit Metadata