The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides instructions for the agent to use command-line tools for version control.
Uses git for core operations including high-impact commands like git rebase and git filter-branch (file: references/advanced.md, references/troubleshooting.md).
Uses gh (GitHub CLI) for pull request automation and merging.
References an unknown tool bd for task management tasks like bd close and bd ready (file: SKILL.md).
Includes bfg (BFG Repo-Cleaner) for purging sensitive data from history.
[PROMPT_INJECTION]: The skill contains instructions that override the agent's default behavior regarding identity and attribution.
It strictly forbids the use of Co-Authored-By, Signed-off-by, or mentions like Generated with Claude Code in commits and PRs, stating "This rule has no exceptions" (file: SKILL.md).
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its operational dependency on external data.
Ingestion points: The agent reads and interprets commit messages, branch names, and pull request metadata which are provided by potentially untrusted external users.
Boundary markers: There are no security delimiters or instructions to ignore embedded prompts within the repository data processed.
Capability inventory: The agent can perform significant write operations including git push and gh pr merge --squash.
Sanitization: No sanitization or validation logic is defined for the content of the git history or PR descriptions before they are processed by the agent.

git-operations