release-prep
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill provides a surface for indirect prompt injection as it processes repository-level data such as CHANGELOG.md and package.json files. 1. Ingestion points: package.json, CHANGELOG.md. 2. Boundary markers: None present. 3. Capability inventory: Local command execution via pnpm and git. 4. Sanitization: None.
- Command Execution (SAFE): The skill utilizes standard package management and version control commands (pnpm, git) which are appropriate for its stated purpose of release preparation.
Audit Metadata