cicd-automation-workflow-automate

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during project analysis.
      • Ingestion points: The WorkflowAnalyzer class in resources/implementation-playbook.md reads .github/workflows/*.yml, .gitlab-ci.yml, Jenkinsfile, and README.md.
      • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the ingested project content.
      • Capability inventory: The agent can generate and suggest execution of complex CI/CD workflows, shell scripts, and cloud infrastructure commands.
      • Sanitization: The script uses yaml.safe_load() for YAML files, but performs raw reads of text files like README.md without sanitization.
  • [DATA_EXFILTRATION]: The skill implements logic to access and read local project configurations. The WorkflowAnalyzer script traverses the project directory and reads the contents of CI/CD definitions and documentation, exposing this configuration data to the agent's context.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes various external resources and packages for automation tasks. It references numerous GitHub Actions and installs packages from NPM and PyPI, such as semantic-release and pre-commit, which are sourced from well-known technology organizations and reputable services.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 12:03 PM