team-release

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform sensitive operations including version bumping, code tagging, and production deployment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on external repository data to drive the release process.
    • Ingestion points: The skill reads file content using the Read, Glob, and Grep tools.
    • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious embedded instructions in the files it reads.
    • Capability inventory: The agent has access to Bash, Write, Edit, and Task (to spawn subagents), creating a broad surface for unauthorized actions if injected.
    • Sanitization: The skill lacks validation or sanitization mechanisms for the data it ingests from the workspace before using it in logic or tool calls.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 11:07 PM