releasing

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several standard command-line utilities, including git, npm, node, sed, grep, and the GitHub CLI (gh). These tools are used to read project configuration, update version files, and interact with version control systems as part of the intended release workflow.
  • [SAFE]: High-risk operations are protected by mandatory confirmation gates. Specifically, the skill enforces stop conditions that require explicit user approval before performing a git push to remote servers or creating a public release via gh release create.
  • [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill processes git commit messages (untrusted external data) to generate project changelogs.
    • Ingestion points: Git commit history retrieved via git log in SKILL.md (Step 5).
    • Boundary markers: Absent; commit messages are directly formatted into the CHANGELOG.md markdown file.
    • Capability inventory: The skill can execute shell commands, modify local files, and perform network operations via git and gh across SKILL.md and references/version-detection.md.
    • Sanitization: No explicit sanitization or filtering is performed on the commit messages before they are processed by the agent.
    • Mitigation: The risk is mitigated by the skill's structured, step-by-step workflow and the requirement for human verification before any destructive or network-facing actions occur.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 22, 2026, 04:37 PM