Skills
skills/yonatangross/orchestkit/release-management/Gen Agent Trust Hub

release-management

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The file scripts/create-release.md uses dynamic command interpolation (the ! prefix) to gather repository context such as commit logs and branch names. If these sources contain malicious instructions (e.g., in a commit message), they could potentially influence the agent's behavior when the release notes are processed.
  • Ingestion points: scripts/create-release.md (Context detection and Recent Changes sections).
  • Boundary markers: Absent; output is interpolated directly into the markdown body.
  • Capability inventory: Shell execution for git and gh CLI operations.
  • Sanitization: No sanitization or escaping of git output is performed.
  • [Dynamic Execution] (LOW): The script scripts/create-release.md assembles shell commands using the $ARGUMENTS variable. While this is the intended functionality for setting version tags, it presents a potential command injection vector if the orchestrating agent does not sanitize the input provided by the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 20, 2026, 10:05 PM