release
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands to facilitate the release process, including git operations (log, commit, tag, push) and the execution of the project's local test suite to ensure code quality before release.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes data from external sources like git logs and project documentation to generate summaries and determine version bumps.
- Ingestion points: Processes output from
git logand the content ofRELEASE-NOTES.md. - Boundary markers: None provided for the interpolated file content or command output.
- Capability inventory: Includes shell execution (git, tests) and file system modification.
- Sanitization: No explicit sanitization or filtering is performed on the ingested text before it is used to influence the agent's release-related decisions.
- [SAFE]: The identified behaviors—command execution and data ingestion—are directly related to the skill's primary purpose and do not appear to involve malicious patterns such as credential exfiltration or persistence mechanisms.
Audit Metadata