release-skills
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands using git and the GitHub CLI (gh) to analyze repository history, identify contributors, and automate the commit, tagging, and pushing of release artifacts.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests untrusted data from external sources to generate user-facing changelogs.
  - Ingestion points: Untrusted data enters via git commit messages and metadata retrieved from the GitHub API using `gh pr view`.
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the ingested commit logs.
  - Capability inventory: The skill possesses the authority to write to the local file system and execute network-altering commands like `git push`.
  - Sanitization: There is no evidence of escaping or validation of the text retrieved from git history before it is interpolated into project files.
Audit Metadata