NYC

github-sync

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8). It ingests content from external repositories via gh api (Ingestion Points: package.json, CLAUDE.md) without applying delimiters (Boundary Markers: Absent) and uses that content to perform file writes or create Pull Requests (Capability Inventory). The skill does not validate or sanitize the fetched strings before processing them (Sanitization: Absent), which could allow malicious instructions in a source repository to influence the agent's synchronization logic.
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the GitHub CLI (gh) for legitimate repository management operations. These commands are necessary for the skill's primary function and do not involve the execution of untrusted external scripts or arbitrary shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:22 PM