release
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard command-line tools
gitandgh(GitHub CLI) to manage repository state, create tags, and publish releases to GitHub. - [EXTERNAL_DOWNLOADS]: The documentation references recommended plugins for development best practices from established repositories managed by Vercel Labs and Supabase.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it reads and processes external task documents to extract release metadata like 'Type' and 'Version Impact'.
- Ingestion points: Reads content from files linked in the 'Ready to Ship' section of
TASKS.mdand individual task documents. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings when parsing the contents of task documents.
- Capability inventory: The skill has the capability to execute shell commands (
git commit,git push,gh release create) which could be influenced by malicious content inside task descriptions. - Sanitization: There is no explicit requirement mentioned for sanitizing or escaping the text extracted from task documents before it is used in commit messages or changelogs.
Audit Metadata