Skills
skills/seqis/openclaw-skills-converted-from-claude-code/agent-releaser/Gen Agent Trust Hub

agent-releaser

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data such as git commits and changelog entries, which presents an attack surface for indirect prompt injection.
  • Ingestion points: Git commits, release notes, and the VERSION_LOG.md file.
  • Boundary markers: Absent; no delimiters or protective instructions are defined to separate untrusted content from system instructions.
  • Capability inventory: The skill utilizes tools like Bash, Read, Write, and Edit.
  • Sanitization: No sanitization logic for external data is present in the skill definition.
  • [COMMAND_EXECUTION]: The skill references the use of Bash for executing release-related tasks. While the intended use is for versioning and deployment, the execution of shell commands based on potentially untrusted input (like commit messages) should be monitored.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 01:13 AM