skills/stablyai/orca/auto-pr-merge/Gen Agent Trust Hub

auto-pr-merge

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill contains multiple directives to override standard safety protocols by operating without human-in-the-loop confirmation. It explicitly commands the agent to 'Execute this entire process autonomously without asking the user for confirmation at any step' and 'Just do it', which can lead to unintended or malicious actions being performed without oversight.
  • [COMMAND_EXECUTION]: The workflow incorporates the gh pr merge --admin command. The --admin flag is a powerful administrative override that bypasses branch protection rules, such as required status checks, signing requirements, or mandatory peer reviews. Using this flag autonomously allows the agent to force code into protected branches that may not meet the repository's security or quality standards.
  • [COMMAND_EXECUTION]: The skill is configured to attempt an administrative merge even if the 'Fix Loop' fails to resolve issues after three iterations. This means the agent is instructed to intentionally merge broken or non-compliant code into the codebase using elevated privileges.
  • [DATA_EXFILTRATION]: The process involves reading CI logs via gh run view --log-failed. While necessary for debugging, this exposes the agent to potentially sensitive data, such as unmasked environment variables or secrets leaked in build logs, which are then processed as context for the 'Fix' stage.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 4, 2026, 05:30 PM