release
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local scripts and system commands (git, uv) to manage the release process. This includes bumping versions, committing changes, tagging, and pushing to remote repositories. The
commit-and-pushscript also executes an external project script./scripts/fix. - [PROMPT_INJECTION]: The skill processes untrusted data from git commit messages and code diffs to generate release notes and suggest release types, creating a surface for indirect prompt injection.
- Ingestion points: Git commit subjects and file diffs read via
git logandgit diffinSKILL.mdPhase 3 and Phase 5. - Boundary markers: Absent; the agent is instructed to summarize changes based on raw diff output.
- Capability inventory: Subprocess execution for versioning (
uv version), staging (git add), committing (git commit), and pushing (git push). - Sanitization: No specific sanitization or filtering of commit messages or diff content is performed before processing.
Audit Metadata