pravidhi-commit-protocol

Warn

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: In Stage 4.2, the skill extracts command strings from CI configuration files (e.g., .github/workflows/*.yml) using grep and executes them directly. This allows for arbitrary shell command execution based on the contents of repository configuration files.
  • [REMOTE_CODE_EXECUTION]: The skill orchestrates the installation and execution of various third-party tools (e.g., pip-audit, cargo-audit, gitleaks) and runs package manager commands like npm audit or composer audit, which involve executing external code.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the parsing of CI configuration files in Stage 4.2.
      • Ingestion points: CI configuration files such as .github/workflows/*.yml and .gitlab-ci.yml.
      • Boundary markers: None; command strings are extracted and run without delimiters.
      • Capability inventory: Subprocess execution, file system modification, and network access via Git push operations.
      • Sanitization: The skill does not perform validation or sanitization of commands extracted from CI files.
  • [DATA_EXFILTRATION]: The skill performs Git operations including 'git push origin ' and 'git fetch', which involve sending local repository data to external remote servers. While this is the intended functionality, it remains a data transfer vector.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 08:21 AM