releasing

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill uses git and gh (GitHub CLI) to perform versioning and release tasks. These commands are necessary for the skill's primary purpose and do not target sensitive system files.
  • [DATA_EXFILTRATION] (SAFE): Network activity is restricted to authenticated GitHub operations (git push, gh release). No sensitive data from files like .ssh or .aws is accessed or transmitted.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface (Category 8):
    • Ingestion points: Reads commit messages via git log (SKILL.md).
    • Boundary markers: Uses a heredoc (EOF) to delimit the changelog content in the release notes, which provides basic command separation.
    • Capability inventory: Can push tags to remote repositories and create public GitHub Releases.
    • Sanitization: No explicit sanitization or filtering of commit message content before inclusion in the release notes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 05:49 PM