dotnet-github-releases

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and curl to perform release operations and interact with the GitHub API. These tools are used appropriately for the skill's intended purpose and demonstrate correct usage of environment variables for authentication.
  • [EXTERNAL_DOWNLOADS]: The skill references the softprops/action-gh-release@v2 GitHub Action. This is a well-known community action for release management and is treated as a safe external dependency.
  • [DATA_EXFILTRATION]: Network operations are directed exclusively to official GitHub API endpoints (api.github.com and uploads.github.com). No unauthorized or suspicious data exfiltration patterns were identified.
  • [INDIRECT_PROMPT_INJECTION]: The skill demonstrates an attack surface for indirect prompt injection through the processing of external data.
      • Ingestion points: Release notes are extracted from a local CHANGELOG.md file using sed in the command-line examples.
      • Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are used when interpolating the file content into the release notes.
      • Capability inventory: The skill uses gh release create and the GitHub REST API, which have the capability to modify repository state and create public-facing content.
      • Sanitization: Content from the changelog is interpolated directly into CLI command arguments without sanitization or validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 12:10 AM