Skills
skills/cartridge-gg/controller/dispatch-release/Gen Agent Trust Hub

dispatch-release

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill instructs the agent to construct and execute shell commands using variables provided by the user, which could be exploited if the input contains command injection sequences.
  • Ingestion points: The version and tag parameters used in the gh workflow run commands.
  • Boundary markers: Absent. The commands use double quotes (e.g., version="X.Y.Z"), but there are no instructions to the agent to ensure the input does not escape these quotes.
  • Capability inventory: The agent is given instructions to execute gh (GitHub CLI) for workflow dispatch, PR merging, and release deletion, as well as npm and jq for version verification.
  • Sanitization: Absent. The skill does not provide regex patterns or validation steps to ensure the version string follows Semantic Versioning before being used in a shell context.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:45 PM