release
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill runs a local script `scripts/release.sh` to manage the release workflow. The actions (git commit, npm version, gh release) are standard for the skill's purpose and occur within the local repository environment.
- [Indirect Prompt Injection] (LOW): The skill processes `CHANGELOG.md`, which is an external data source. Evidence Chain:
  1. Ingestion points: Step 1 reads `CHANGELOG.md` to summarize changes.
  2. Boundary markers: Absent; the agent is asked to summarize the content directly.
  3. Capability inventory: The skill can perform `git push`, `npm version`, and `gh release create` via `scripts/release.sh`.
  4. Sanitization: No explicit sanitization of the changelog content or the version argument in the shell script. However, the workflow requires the user to review the summary and confirm the release, providing a human-in-the-loop safeguard.
Audit Metadata