release
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill describes a workflow that ingests data from external search results (pdf-brain) and changeset files to generate AI-driven PR titles and release tweets. This creates an indirect prompt injection surface.
  - Ingestion points: .changeset/*.md files and pdf-brain search output.
  - Boundary markers: None identified in the workflow descriptions.
  - Capability inventory: git push, npm publish, gh pr merge.
  - Sanitization: Not specified.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references an external utility 'pdf-brain' and local scripts (scripts/ci-publish.sh, scripts/bump-version.sh) that are not provided within the skill source.
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard system commands (git, npm, bun, jq) appropriate for its stated purpose of software release management.