Skills
skills/moeru-ai/airi/release-note-writer/Gen Agent Trust Hub

release-note-writer

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various git commands (git tag, git show) to retrieve repository tags and commit details required for drafting release notes.
  • [EXTERNAL_DOWNLOADS]: The skill uses pnpm dlx to fetch the changelogithub package from the official npm registry. This is a standard operation for tools of this nature.
  • [REMOTE_CODE_EXECUTION]: The use of pnpm dlx changelogithub involves the dynamic download and execution of code from a remote repository at runtime.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from git commits and pull request descriptions.
  • Ingestion points: The skill reads git history, commit messages, and external tool outputs (SKILL.md).
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed commit data.
  • Capability inventory: The agent utilizes shell commands (git, pnpm) and file system inspection.
  • Sanitization: No validation or sanitization is performed on the commit messages before they are incorporated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 04:30 AM