release
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute standard development commands for version control (git) and project management (npm). It runs linting, static analysis, and multiple test suites (wpunit, functional, and acceptance) to ensure code quality before a release.
- [SAFE]: Implements a security-conscious workflow by including a
PreToolUsehook that runs a local script (block-git-push.sh) to prevent the agent from accidentally pushing code to remote repositories. - [SAFE]: Includes explicit instructions to the AI agent to stop and wait for user confirmation before performing irreversible actions, such as tagging a version for release.
- [EXTERNAL_DOWNLOADS]: References official vendor and industry domains (simple-history.com, wordpress.org, lemonsqueezy.com) for distribution and verification tasks, which are consistent with the skill's primary purpose of managing a plugin release.
Audit Metadata