rhdh-jira

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using acli and curl to manage Jira issues. These operations are limited to the official Atlassian domains (redhat.atlassian.net) and are essential for the skill's functionality.
  • [DATA_EXPOSURE]: The skill interacts with sensitive configuration files such as ~/.config/acli/jira_config.yaml and a local .jira-token file. It follows best practices by instructing the agent to use shell variable substitution (e.g., cat into a variable) to avoid leaking credentials into the LLM's context.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data from Jira issues, including summaries, descriptions, and comments, which constitutes a potential injection surface.
      • Ingestion points: Untrusted data enters the context via acli search/view commands and GraphQL queries, particularly when processed by scripts/parse_issues.py.
      • Boundary markers: The instructions do not define specific delimiters or "ignore" warnings to separate user-provided issue content from system instructions.
      • Capability inventory: The skill has access to shell execution (acli), network requests (curl), and file system writes (generating markdown reports).
      • Sanitization: Content is extracted and flattened (e.g., ADF to text conversion in parse_issues.py), but no semantic sanitization of natural language content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 09:02 PM