release-please
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the googleapis/release-please-action@v4 GitHub Action within its implementation playbooks. This action is maintained by Google, which is a trusted organization, and is a standard dependency for the described functionality.
- [PROMPT_INJECTION]: The skill implements a workflow that parses commit messages and pull request descriptions (untrusted data) to generate changelogs and determine version bumps. This creates an indirect prompt injection surface.
  - Ingestion points: Conventional Commits in the repository history and Pull Request metadata in SKILL.md.
  - Boundary markers: None explicitly defined in the provided workflow templates.
  - Capability inventory: The workflow requires contents: write and pull-requests: write permissions, as documented in .github/workflows/release-please.yml.
  - Sanitization: Relies on the parsing logic of the official Google Release Please action.
Audit Metadata