release-please-standards
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official 'release-please-action' from the 'googleapis' GitHub organization. This is a well-known and trusted source for CI/CD automation.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets were found. The configuration templates correctly use GitHub Actions secret interpolation (e.g.,
${{ secrets.MY_RELEASE_PLEASE_TOKEN }}) to handle sensitive credentials. - [COMMAND_EXECUTION]: While the skill allows the use of 'Bash' and file manipulation tools, these are intended for validating and applying standard configurations. No suspicious or unauthorized command patterns were detected.
- [SAFE]: The content is strictly limited to documentation, configuration schemas, and validation logic for release automation, with no evidence of malicious intent or dangerous patterns.
Audit Metadata