release-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate repository maintenance and reporting tasks. All operations are restricted to local file reading and writing using defined tools.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from untrusted sources like codebase comments and project documentation. However, the risk is minimal because the skill lacks the capabilities to execute code or communicate externally.
  - Ingestion points: CLAUDE.md, files in production/milestones/, and codebase comments (TODO/FIXME/HACK).
  - Boundary markers: None.
  - Capability inventory: Read, Glob, Grep, Write.
  - Sanitization: None.