github-sync
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE (findings tagged PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill automates the transfer of content between repositories, including configuration and instruction files.
  1. Ingestion points: Remote file content retrieved via 'gh api' (SKILL.md).
  2. Boundary markers: Absent; files are synced without delimiters or warnings to ignore embedded instructions.
  3. Capability inventory: Write access to repositories via 'gh api --method PUT' and PR creation.
  4. Sanitization: Absent; files are encoded/decoded as base64 without inspection.
- [COMMAND_EXECUTION] (SAFE): Valid use of GitHub CLI. The skill leverages the 'gh' tool for legitimate synchronization tasks as described in its metadata.
Audit Metadata