codemie-release
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes several command-line tools (
git,npm,gh) to perform its primary function of releasing software. It executes commands to read version information, analyze commit logs, modify files (package.json), and push changes to remote repositories. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests untrusted data from the repository's commit history (
git log) to determine version increments and generate release notes. Maliciously crafted commit messages could attempt to influence the AI's categorization or the content of the generated release documentation. - Ingestion points: Commit messages and bodies read via
git loginSKILL.md. - Boundary markers: None identified; the skill directly processes the output of git commands.
- Capability inventory: File modification (
npm version), repository updates (git push), and remote release creation (gh release create) as defined inSKILL.md. - Sanitization: No explicit sanitization or instruction-filtering is applied to the retrieved commit data before processing.
Audit Metadata