Skills
skills/cat-xierluo/legal-skills/subtree-publish/Gen Agent Trust Hub

subtree-publish

Warn

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/create-release.sh extracts a version string from SKILL.md using grep and sed, then interpolates this value directly into an awk script pattern. A maliciously crafted version string in SKILL.md could break the awk logic and execute arbitrary system commands via awk's internal functions.
  • [COMMAND_EXECUTION]: The automation scripts (subtree-push.sh and create-release.sh) perform numerous shell operations using git, gh (GitHub CLI), and zip. While most variables are quoted, the process of extracting data from project files (like SKILL.md descriptions or CHANGELOG.md notes) and passing them to shell commands creates a risk of argument injection if the content is not strictly validated.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute local shell scripts that perform critical operations, including creating GitHub repositories, adding git remotes, and pushing code. These operations rely on the environment's existing gh and git authentication, and while intended for project management, they grant the skill significant control over the user's GitHub resources.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 24, 2026, 09:42 AM