The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to perform version control operations and execute a local preparation script. Commands are restricted to specific prefixes such as git checkout, git branch, git add, git commit, git push, gh pr create, and bash scripts/prepare-skill-pr.sh. These operations are standard for managing code updates and pull requests within the repository.
[EXTERNAL_DOWNLOADS]: The skill utilizes the WebSearch and Task tools to research best practices during the analysis phase. While this involves fetching external data, the risk is mitigated by the mandatory human review step during the 'HARD STOP' phase, ensuring no untrusted content is automatically incorporated into the codebase.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads existing skill files and web search results. This is identified as a vulnerability surface (Category 8). Ingestion points: Reads SKILL.md, LEARN.md, and template.md files. Boundary markers: Implements a clear two-phase workflow separation. Capability inventory: Has the ability to write files and execute specific git/bash commands. Sanitization: Relies on human approval via a diff preview before applying any changes.

skill-update