release-skills
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git and gh commands to analyze project changes and perform repository operations like tagging and committing.
- [DATA_EXFILTRATION]: The workflow includes a git push command to synchronize local changes with a remote repository. This action is the intended outcome of the release process and is protected by a user confirmation step.
- [PROMPT_INJECTION]: The skill processes external data from commit logs and pull requests to generate changelogs, creating an indirect injection surface. Ingestion points: Data is read from git log and GitHub API via the gh CLI. Boundary markers: No explicit delimiters are used to wrap external content during processing. Capability inventory: The agent can modify files, execute local CLI tools, and perform network synchronization. Sanitization: A mandatory user review of proposed changes and the final push action acts as the primary safeguard.
Audit Metadata