self-improvement-ci
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The installation instructions reference the pskoett/pskoett-ai-skills repository and the github/gh-aw extension. These are well-known or vendor-specific sources and are documented as part of the intended setup process.
- [PROMPT_INJECTION]: The skill implements an automated learning loop that processes pull request data and CI results, creating a surface for indirect prompt injection.
  - Ingestion points: CI failures, PR checks, and workflow results (referenced in SKILL.md and references/workflow-example.md).
  - Boundary markers: No delimiters or instructions to ignore embedded malicious content are present.
  - Capability inventory: The skill generates YAML output containing suggested_rule and promotion_ready flags used to update system prompt files such as CLAUDE.md, AGENTS.md, and SOUL.md.
  - Sanitization: There is no evidence of filtering or sanitizing the failure logs before they are used to derive new rules. An attacker could craft a pull request that triggers specific failure messages, potentially misleading the agent into adopting harmful instructions.
Audit Metadata