ship
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automates the release process by executing shell commands with 'git' and the GitHub CLI ('gh').
  - Uses 'git status', 'fetch', 'log', 'rebase', and 'merge' to manage branch state before deployment.
  - Uses 'gh pr create' to publish changes and 'gh pr checks' and 'gh run' to monitor the CI/CD pipeline.
  - Implements a 'git revert' mechanism for rapid rollbacks in case of post-deployment failures.
- [SAFE]: Implements proactive security scanning through integrated bash scripts ('pre-ship-check.sh' and 'quality-check.sh').
  - The scripts automatically check for staged secrets, '.env' files, and sensitive credentials in the diff before allowing a PR to be created.
  - Enforces hygiene checks by verifying the target branch and scanning for broken links in the project documentation.
- [SAFE]: Enforces human-in-the-loop oversight through a mandatory 'PR Preview' phase.
  - The agent must present a full summary of intended changes and wait for explicit user confirmation before interacting with the GitHub API.
  - Validates that previous security and review artifacts have been addressed, ensuring no blocking security findings are shipped to production.