The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains explicit directives to override standard safety protocols regarding user oversight. Instructions like 'Execute without user confirmation' and 'no user confirmation' are designed to remove human review from sensitive operations such as code modification and merging.
[COMMAND_EXECUTION]: The skill performs autonomous file system and repository modifications. It utilizes shell commands to stage and commit changes ('git add -A && git commit'). Additionally, it calls the 'auto-pr-merge' skill with the '--admin' flag, which is an attempt to bypass repository branch protections and status checks, potentially allowing the agent to force-merge code that has not passed required CI checks or human review.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted repository content. Ingestion points: source code files processed by the 'auto-review-fix' sub-agent. Boundary markers: Absent; no delimiters or instructions are used to distinguish code content from potential instructions. Capability inventory: ability to commit changes, create pull requests, and perform administrative merges. Sanitization: Absent; the skill does not include validation or sanitization steps for the fixes generated by the sub-agent before they are merged into the repository.

auto-submit