release
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands such as
npm run registry:build,git commit,git push, andnpm publish. It also runs a local script./scripts/deploy-docs.sh. These are standard and expected operations for a release automation tool.\n- [EXTERNAL_DOWNLOADS]: The skill interacts with the well-known services GitHub and npm. It uses the system browser viaxdg-opento prefill a GitHub release form, allowing for user review before publishing.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection during the 'Prepare Release Notes' phase.\n - Ingestion points: Reads git commit history and merged pull request descriptions from the local repository.\n
- Boundary markers: None explicitly defined to separate untrusted commit data from agent instructions.\n
- Capability inventory: The skill can execute shell commands (
npm,git) and modify repository files.\n - Sanitization: None explicitly mentioned; the agent is tasked with summarizing changes into a specific markdown format. This behavior is associated with the primary skill purpose and is considered a low-risk, standard feature.
Audit Metadata