analyzing-releases

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data from changelogs and web pages, creating a vulnerability surface for indirect prompt injection attacks.
  • Ingestion points: External data is ingested via the releases CLI and various typed tools (e.g., get_source_changelog), as well as arbitrary web content retrieved through the WebFetch tool.
  • Boundary markers: The instructions do not provide explicit boundary markers or delimiters to isolate untrusted release content from the agent's primary instructions.
  • Capability inventory: The skill possesses tools to search, fetch, and synthesize release data, and the capability to fetch arbitrary content from the web via WebFetch.
  • Sanitization: There are no requirements or instructions for the agent to sanitize, validate, or filter the content retrieved from external sources before processing it.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:19 PM
Security Audit — agent-trust-hub — analyzing-releases