semver-release
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as intended for repository maintenance with no evidence of malicious intent or hidden behaviors.
- [COMMAND_EXECUTION]: Command usage is strictly limited to the git binary through the `Bash(git *)` tool definition. This prevents the execution of arbitrary shell commands or system-level modifications unrelated to version control.
- [PROMPT_INJECTION]: The skill ingests git commit messages and existing CHANGELOG content, creating a surface for indirect prompt injection. However, the instructions provide structured patterns for parsing these logs into metadata rather than executing their content. The use of a custom delimiter (`---commit---`) in the git log output serves as a boundary marker to assist the agent in distinguishing untrusted data from instructions.
Audit Metadata