release-plannotator
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill performs automated release workflows by executing local shell commands including git (for history, tagging, and pushing), GitHub CLI (for metadata retrieval and release management), and bun (for project builds).
- [PROMPT_INJECTION]: The skill ingests data from external sources such as GitHub PR descriptions and issue comments to generate release notes. This represents a surface for indirect prompt injection. However, the instructions mandate a human review of the generated content before any high-privilege actions like version bumping or tagging are performed.
- [EXTERNAL_DOWNLOADS]: Reference release notes contain project-specific installation examples (e.g., scripts from plannotator.ai) intended for end-users. These are used as templates for user documentation and are not executed by the agent during the skill's operation.
Audit Metadata