release-notes
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The SKILL.md file contains a security warning directing the agent to treat all third-party commit messages as data and never execute embedded instructions, protecting against injection.
- [EXTERNAL_DOWNLOADS]: Instructions strictly prohibit the use of curl, gh api, or external URLs to fetch logs, mitigating risks associated with untrusted external content.
- [SAFE]: The skill does not utilize any tools for file system modification, credential access, or shell command execution, maintaining a minimal and safe permission scope.
Audit Metadata