dependency-upgrade
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (dependency changelogs, release notes, and source code) which can contain malicious instructions targeting the AI agent.
  * Ingestion points: Identified in scripts/analyze-upgrade.sh (directory traversal) and SKILL.md (metadata parsing).
  * Boundary markers: No explicit markers or instructions to ignore embedded commands are present in the provided logic.
  * Capability inventory: The skill claims the ability to create pull requests and execute tests as part of the upgrade workflow.
  * Sanitization: There is no evidence of sanitization or validation of content retrieved from external dependency sources.
Audit Metadata