The Agent Skills Directory

[COMMAND_EXECUTION] (SAFE): Utilizes standard development tools including gh, sentry-cli, and curl to interact with observability platforms and GitHub. These operations are essential for the skill's stated purpose of production triage.
[EXTERNAL_DOWNLOADS] (SAFE): Interacts with Vercel and Sentry APIs via curl. These connections are directed to legitimate service providers and are authenticated with user-provided tokens.
[CREDENTIALS_UNSAFE] (LOW): Scripts source ~/.secrets and read .env.local or .sentryclirc to retrieve API tokens. While this is standard for local developer tools, it assumes the user manages their local secrets securely.
[INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data from external sources and presents it to the agent, which could theoretically be used to influence agent behavior if an attacker controls external metadata (e.g., Sentry issue titles or GitHub run names).
Ingestion points: check_sentry.sh (issue titles via triage_score.sh), check_github_ci.sh (run names via gh run list), and check_vercel_logs.sh (log event text).
Boundary markers: None explicitly implemented to delimit untrusted data in aggregate reports.
Capability inventory: PR creation (/triage fix), branch creation, and markdown file generation (generate_postmortem.sh).
Sanitization: Limited to string truncation (head -c 60 or head -c 50) and JSON parsing via jq.

triage