The Agent Skills Directory

[COMMAND_EXECUTION]: The skill relies heavily on shell command execution, including the GitHub CLI (gh), Git, and utility tools like jq, xargs, and date. It provides scripts for complex batch operations and workflow automation.- [EXTERNAL_DOWNLOADS]: The documentation in 'references/issue-management.md' recommends installing a third-party extension 'yahsan2/gh-sub-issue' to handle sub-issues. This extension originates from an unverified individual source outside of the trusted vendors list.- [PROMPT_INJECTION]: The skill's primary function involves processing attacker-controllable data from GitHub issues, pull requests, and comments, which creates a surface for indirect prompt injection attacks.
Ingestion points: Data is ingested through multiple gh commands such as 'gh issue list', 'gh pr view', and 'gh api' calls that retrieve titles, bodies, and comments from external repositories.
Boundary markers: The skill does not implement delimiters or provide instructions to the AI to ignore embedded commands when processing or summarizing GitHub content.
Capability inventory: The agent has extensive capabilities including shell command execution, network access (via GitHub APIs), and the ability to modify repository state (merging PRs, closing issues).
Sanitization: There is no evidence of sanitization, filtering, or validation of the text retrieved from GitHub before it is presented to the agent for processing.

github-operations