ln-912-community-announcer
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute system commands including git log, git diff, ls, and grep for context gathering and fact-checking. It also uses the gh (GitHub CLI) to perform GraphQL mutations and create releases.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests data from external sources within the repository.
  - Ingestion points: Phase 1 reads CHANGELOG.md, README.md, and output from git diff and git log.
  - Boundary markers: The skill uses predefined templates from discussion_formatting.md to structure the output.
  - Capability inventory: The skill has the ability to execute bash commands and perform authenticated GitHub API writes (Phase 5 and 6).
  - Sanitization: A mandatory manual review step in Phase 5 ensures that the final draft is inspected by the user before the publishing command is executed.
Audit Metadata