The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it reads and processes instructions from untrusted files within the project repository.
Ingestion points: The skill searches for and reads CLAUDE.md, AGENTS.md, .claude/CLAUDE.md, and .github/AGENTS.md to identify branching strategies (found in SKILL.md).
Boundary markers: The instructions do not define delimiters or specific warnings to ignore malicious or contradictory instructions that might be embedded in these project files.
Capability inventory: The skill has the capability to push code branches and create/update pull requests using git, gh, and glab commands.
Sanitization: There is no logic to sanitize or validate the content retrieved from these external documentation blocks before it influences agent behavior.
[COMMAND_EXECUTION]: The skill executes various Git and Forge CLI commands to perform its primary tasks.
The skill uses git for repository management and gh (GitHub) or glab (GitLab) for pull request operations.
A local bash script scripts/detect-forge-cli.sh is executed to identify the remote host and available CLI tools.

pr