oss-issue-scout
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted content from external GitHub repositories and issues without sanitization or boundary markers.
  1. Ingestion points: Reads repository documentation such as CONTRIBUTING.md, README, and issue descriptions via GitHub MCP.
  2. Boundary markers: None identified; the instructions do not provide delimiters or warnings to ignore instructions embedded in the data.
  3. Capability inventory: Local file system reading and GitHub API interaction; the agent primarily generates a report and recommendations for the user.
  4. Sanitization: None identified; the skill lacks a mechanism to filter or escape potentially malicious instructions found in the ingested text.