release-gate
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution] (MEDIUM): The skill executes 'pnpm check:all' which triggers scripts in the repository's package.json file, allowing for arbitrary command execution within the project environment.
- [File System Access] (MEDIUM): The 'run_release_gate.sh' script accepts a log path as a positional argument and uses 'tee' to write output, which could allow overwriting system or configuration files if the path is not restricted by the agent or system environment.
- [Indirect Prompt Injection] (LOW): 1. Ingestion: The agent captures and summarizes the stdout/stderr of the pnpm command as part of its workflow. 2. Boundaries: No delimiters or instructions to ignore embedded text are present in the prompt template. 3. Capabilities: The skill has command execution and file writing capabilities. 4. Sanitization: The output is summarized directly without validation or filtering for malicious instructions in the build logs.
Audit Metadata