skills/terrylica/cc-skills/mise-tasks/Gen Agent Trust Hub

mise-tasks

Warn

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill implements patterns for reading sensitive authentication tokens from the local filesystem to automate release and deployment processes.
      • Evidence: references/bootstrap-monorepo.md and references/task-levels.md describe loading GH_TOKEN from ~/.claude/.secrets/gh-token via the read_file helper.
      • Evidence: references/patterns.md contains task definitions that execute gh auth token to retrieve credentials dynamically.
  • [REMOTE_CODE_EXECUTION]: The skill documents experimental functionality that allows for the inclusion of remote task configuration files from external URLs, which represents a potential remote code execution vector.
      • Evidence: references/advanced.md illustrates the include directive: include = ["https://example.com/tasks.toml"].
  • [PROMPT_INJECTION]: Task definitions utilize argument interpolation in shell scripts, creating a surface for indirect prompt injection or shell injection vulnerabilities.
      • Ingestion points: User input is ingested through the usage DSL defined in references/arguments.md and stored in variables like usage_<name>.
      • Boundary markers: The patterns provided do not include explicit sanitization or delimiters for these variables within the bash run blocks.
      • Capability inventory: The skill relies on the Bash tool and complex run commands across multiple reference files for project automation.
      • Sanitization: No explicit escaping or validation logic for interpolated shell variables is demonstrated in the patterns.
  • [COMMAND_EXECUTION]: The skill facilitates extensive command-line operations for tool management and CI/CD pipelines.
      • Evidence: Frequent execution of tools such as cargo, uv, pants, kubectl, and git within automated task definitions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 8, 2026, 02:33 PM