github-app-scaffold

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): Recommends the use of npx create-probot-app, which fetches and executes code from the npm registry, a standard but external source.
  • [COMMAND_EXECUTION] (LOW): Provides standard shell commands for project initialization and local development server execution.
  • [PROMPT_INJECTION] (LOW): The skill creates a surface for Indirect Prompt Injection (Category 8).
    1. Ingestion points: Untrusted data enters via GitHub Webhook events (e.g., src/index.ts).
    2. Boundary markers: None are present in the provided scaffold.
    3. Capability inventory: The app uses Octokit for repository write operations (labels, comments, checks).
    4. Sanitization: No sanitization of webhook data is implemented in the template.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 08:45 PM