instrument-repo

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface exists as the skill reads untrusted data from repository files to drive its instrumentation logic.
      * Ingestion points: The skill reads configuration and manifest files such as package.json, go.mod, pyproject.toml, and Cargo.toml using grep and file checks.
      * Boundary markers: No delimiters or "ignore instructions" warnings are utilized when processing repository content.
      * Capability inventory: The skill can execute shell commands (git, pnpm, pip, go, gh), write configuration files, and open Pull Requests.
      * Sanitization: No sanitization is performed on the content of the detected files before using them to generate code or PR descriptions.
  • [COMMAND_EXECUTION]: The skill executes several management commands to install dependencies and manage the git workflow.
      * Evidence: Executes pnpm add, pip install, go get, and gh pr create based on the detected repository stack. These actions are consistent with the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs observability SDKs from official registries and well-known services.
      * Evidence: Downloads packages from Sentry, PostHog, and Helicone via standard package managers. These are recognized as well-known technology providers and trusted for these operations.

Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 02:26 PM