npm-publish-ci-cd
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes user-provided project files such as package.json and the commit history to drive configuration, which creates a surface for indirect prompt injection: instructions embedded in those files reach the agent as if they were part of its task.
  1. Ingestion points: project metadata and commit history are analyzed in Step 2 and Step 4 of the main skill file.
  2. Boundary markers: the skill provides no delimiters around the ingested content and no instruction to the agent to treat embedded commands as data or to isolate them.
  3. Capability inventory: the skill uses npm install, npx execution, and file-system writes to set up the release environment, so an injected instruction would have real capabilities to act through.
  4. Sanitization: the skill does not specify any validation or sanitization of the ingested project metadata before it is used to generate configuration.
- [SAFE]: The skill demonstrates strong security awareness: it recommends OIDC-based Trusted Publishing, which removes the need for long-lived registry tokens in CI, and promotes SLSA provenance attestations for supply-chain integrity.
Audit Metadata