release-readiness-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various local shell commands to introspect the project's build system and codebase status.
  - Evidence: It runs `make -qp` and `just --list` to identify build targets in `SKILL.md`.
  - Evidence: It uses `grep` to scan for TODO comments and debug statements across multiple file types in `references/checklist-details.md`.
  - Evidence: It invokes security scanners like `gitleaks` and `trufflehog` to search for exposed secrets in the current directory and git history.
  - Context: These operations are necessary for the skill's primary function of release auditing and are performed locally.
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection because it reads and processes the contents of user-provided codebase files.
  - Ingestion points: File contents are ingested via `grep` searches and security scanning tools (`gitleaks`, `trufflehog`) as specified in `references/checklist-details.md` and `references/secrets-scanning.md`.
  - Boundary markers: There are no explicit markers or safety instructions used when presenting the results of these file scans to the agent.
  - Capability inventory: The skill has the ability to execute significant local tools (`make`, `npm`, `git`, `cargo`), creating a risk if an attacker embeds instructions within the repository files.
  - Sanitization: No sanitization or filtering of the file contents or scanner outputs is performed before analysis.
Audit Metadata