generate-release-notes

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the official GitHub CLI (gh) to fetch pull request data, compare repository tags, and create releases. It also executes local shell commands such as date and mkdir for directory management.
  • [EXTERNAL_DOWNLOADS]: Fetches development logs and project metadata from well-known platforms including GitHub, Linear, and Jira.
  • [PROMPT_INJECTION]: The skill processes untrusted content from external issue trackers, which provides a surface for indirect prompt injection.
    • Ingestion points: Pull request bodies and issue descriptions from GitHub, Linear, and Jira (SKILL.md).
    • Boundary markers: No explicit delimiters or safety instructions are provided to the agent to disregard instructions embedded within the ingested project data.
    • Capability inventory: The skill can execute shell commands via the gh CLI, write files to the vault, and interact with external APIs via WebFetch or specialized tools (SKILL.md).
    • Sanitization: External content is summarized and categorized without explicit sanitization or filtering, though a mandatory human review gate is included before publishing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 11:30 AM