Release
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to automate the release process, including `jj` for version control, `svbump` for versioning, and `deno` for testing and documentation generation.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by reading and processing external data.
  - Ingestion points: Commit messages are ingested from the repository history using the `jj log` command.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the commit history.
  - Capability inventory: The skill has permissions to write to project files (`deno.json`, `dist-workspace.toml`), create git tags, and push changes to remote repositories (`jj git push`, `git push`).
  - Sanitization: The skill does not implement sanitization or validation logic for the commit messages it processes before they are used in the workflow.
Audit Metadata