release-automation

Fail

Audited by Socket on Feb 21, 2026

1 alert found:

Malware (severity: HIGH)

File: SKILL.md

[Skill Scanner] Natural language instruction to download and install from URL detected.

All findings:

- [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
- [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill is consistent with its stated purpose (release automation). It contains no evidence of credential harvesting, remote payload downloads, or covert exfiltration. The primary risks are operational: the scripts carry high-impact actions (commits, tags, pushes, and publishing/unpublishing) and include a bypass flag (--skip-checks) which can be used to avoid safety validations. Use requires care: run with --dry-run first, ensure caches are trusted, and do not enable --skip-checks unless you understand the implications. Overall, behaviour is coherent and expected for a release automation tool, but it is high-impact if misused or run in the wrong repository/environment.

LLM verification: The analysis indicates the material aligns with a multi-ecosystem release automation objective but carries notable security and operational risks due to external CLI dependencies, potential unattended publishing, and broad scope. Treat as a high-risk, yet non-malicious blueprint requiring strict controls: pin CLI versions, enforce dry-run/policy checks, limit permissions, and require explicit user confirmations before publishing. Recommend isolating to a per-project, audited workflow with formal

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 21, 2026, 12:27 PM
Package URL
pkg:socket/skills-sh/manastalukdar%2Fclaude-devstudio%2Frelease-automation%2F@66c37f20891a15dbde65a5484dc9df0aff8ca41b