version-badge-pattern

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The build configurations for Next.js (next.config.mjs) and Vite (vite.config.ts) utilize execSync to retrieve Git metadata, specifically the current commit SHA and branch name. These commands are hardcoded and used to populate environment variables during the build process.
  • [COMMAND_EXECUTION]: The getChangelog function in the build configurations executes a local Node.js script (scripts/parse-changelog.mjs) to generate a JSON representation of the project's CHANGELOG.md file.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (Category 8 surface). Ingestion points: CHANGELOG.md via scripts/parse-changelog.mjs. Boundary markers: None identified. Capability inventory: execSync calls in build configs and local file read operations. Sanitization: Employs regular expression matching to extract specific version headers and change entries, limiting the influence of arbitrary content in the source file.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 11:33 AM