github-release
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Executes standard command-line tools including `git`, `gh`, and `npm` to manage repository state and automate the publishing process. These operations are essential for the skill's primary function of release management.
- [COMMAND_EXECUTION]: Runs `npm run build` and `node -p`, which involves executing code and configuration defined within the project being released (e.g., `package.json`). This is routine for build and deployment workflows.
- [SAFE]: Incorporates strong security-first practices by mandating secret scans with `gitleaks` and performing manual checks for hardcoded API keys or tokens in configuration files before publication.
- [SAFE]: Includes validation logic for project metadata, ensuring that mandatory files like `LICENSE`, `README.md`, and `.gitignore` are correctly configured to prevent the accidental exposure of personal artifacts or sensitive data.
Audit Metadata