github-release-management

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform git operations, version tagging, and package publishing, which involves executing commands on the local system.
  • [EXTERNAL_DOWNLOADS]: It relies on npx to download and execute claude-flow tools at runtime, which is standard for this framework but involves remote code acquisition.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it fetches commit messages and PR metadata via the GitHub API and uses this data to generate changelogs and release notes. Evidence:
      1. Ingestion points: gh api calls in SKILL.md used for commit and PR retrieval.
      2. Boundary markers: No delimiters are used to wrap the ingested external content.
      3. Capability inventory: Access to Bash for command execution, Write for file modification, and package publishing tools.
      4. Sanitization: There is no evidence of filtering or escaping commit messages before processing them with AI agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 07:38 PM