pull-request-elegant

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates various Git and Azure CLI operations. It runs commands such as git status, git log, git diff, and git push to manage local repository state. It also utilizes the az CLI for managing Azure DevOps resources, including az boards work-item show and az repos pr create as documented in SKILL.md.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection (Category 8). It processes external, potentially untrusted data from git commit messages and diffs to generate content for pull request titles and descriptions.
    • Ingestion points: Data is ingested from git log and git diff outputs within the local repository environment as specified in SKILL.md.
    • Boundary markers: While the skill employs structured templates and conventional commit formats, it lacks explicit instructions to treat the ingested commit history as untrusted or to ignore embedded instructions.
    • Capability inventory: The skill possesses significant capabilities, including the ability to write to remote repositories and transition work items using the az CLI, as documented across several sections of SKILL.md.
    • Sanitization: The skill instructions do not specify any sanitization, filtering, or escaping mechanisms to be applied to the ingested git metadata before it is interpolated into CLI command arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 06:17 PM