Skills
skills/metarhia/metaskills/npm-publish/Gen Agent Trust Hub

npm-publish

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from git log and project files (CHANGELOG.md, README.md) to generate release documentation. This presents an indirect prompt injection surface where malicious commit messages or file content could attempt to influence agent behavior. \n
  • Ingestion points: Git commit history via git log, package.json, CHANGELOG.md, and README.md (detected in SKILL.md).\n
  • Boundary markers: Absent; the skill lacks delimiters or explicit instructions to ignore embedded commands in the ingested text.\n
  • Capability inventory: Subprocess execution via npm install, npm test, npx tsc, and npm pack (detected in SKILL.md).\n
  • Sanitization: Absent; the skill formats external text directly into the changelog and documentation files.\n- [COMMAND_EXECUTION]: The skill executes several shell commands to manage dependencies and verify the package, including npm install, npm test, npm audit, npx tsc, and npm pack. These are routine operations for the skill's stated purpose of preparing a software release and are restricted to the local project environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 07:50 AM