github-release-management
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the claude-flow and ruv-swarm packages from the NPM registry. These are the primary tools required for the skill's stated purpose of AI-coordinated release management.
- [COMMAND_EXECUTION]: Extensively uses shell commands through Bash blocks and CLI tools (gh, git, npm) to manage repository state, create releases, and deploy artifacts. This is consistent with its role as a release orchestration tool.
- [DATA_EXFILTRATION]: The skill documentation includes examples of managing authentication tokens for NPM and GitHub. These operations target the official registries and utilize standard CI/CD secret management practices (e.g., GitHub Actions secrets).
- [REMOTE_CODE_EXECUTION]: Provides workflows that execute remote scripts and packages via npx and automated pipelines. These actions are directed at the vendor's own tools and established package registries.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data such as pull request titles, commit messages, and labels to generate changelogs and suggest version bumps. While this presents an ingestion point for untrusted data, the skill uses structured parsing (jq) and targets specific documentation tasks, posing a low risk to the agent's integrity.
Audit Metadata