Shipyard CLI

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): The skill utilizes Go templates with Sprig functions (detailed in references/templates.md) for generating changelogs, tags, and messages. This involves runtime interpretation of logic and data manipulation based on external or user-provided input.
  • [Indirect Prompt Injection] (LOW): The skill exhibits a vulnerability surface due to its ingestion of untrusted external data.
      • Ingestion points: The skill parses existing CHANGELOG.md files and conventional commits as described in references/history-conversion.md.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are documented to isolate external data.
      • Capability inventory: The skill triggers file system writes (changelogs) and git operations (tags/commits) via the shipyard CLI.
      • Sanitization: No sanitization or validation of the external changelog content is described before it is processed and rendered into templates.
  • [Unverifiable Dependencies & Remote Code Execution] (LOW): The README.md directs users to install the skill and associated tool via 'npx' from a remote repository (NatoNathan/shipyard), which involves fetching and executing code from a non-whitelisted source.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:43 PM