skills/tenequm/claude-plugins/gh-cli/Gen Agent Trust Hub

gh-cli

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the gh (GitHub CLI) tool to perform repository analysis, search code, and manage workflows. These commands are standard operations for the tool's intended purpose of remote repository discovery and interaction.
  • [PROMPT_INJECTION]: The skill facilitates fetching and processing data from external, potentially untrusted GitHub repositories (e.g., via gh search code or gh api). This introduces a surface for indirect prompt injection where malicious content in remote files (like READMEs or code comments) could attempt to influence the agent's behavior.
      • Ingestion points: Remote data fetched from the GitHub API across all workflows.
      • Boundary markers: The instructions do not provide explicit delimiters to isolate untrusted content from the agent's control instructions.
      • Capability inventory: The agent has access to the gh tool, which can read/write repository data and manage environment secrets if authenticated.
      • Sanitization: The skill uses jq and base64 for structured data extraction and decoding, but natural language content is not sanitized before analysis.
  • [SAFE]: The skill contains no executable scripts or binary dependencies. All external references point to legitimate GitHub documentation or the author's own repositories, and no patterns of credential harvesting or data exfiltration to third-party domains were found.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:16 AM