Skills
skills/catlog22/claude-code-workflow/ship/Gen Agent Trust Hub

ship

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests git logs and diffs which may contain content from untrusted contributors.
  • Ingestion points: External data from git log and git diff is read in phases/02-code-review.md, phases/04-changelog-commit.md, and phases/05-pr-creation.md.
  • Boundary markers: None; the ingested content is interpolated directly into AI review prompts and pull request body templates without delimiters.
  • Capability inventory: The skill has access to the Bash tool for shell execution, Write for file modifications, and network capabilities via git push and gh pr create.
  • Sanitization: No escaping or validation of the ingested git history is performed.
  • [SAFE]: The skill follows security best practices by implementing a risk assessment phase that explicitly checks for modifications to sensitive files (e.g., .env, *secret*, *.key, *.pem) to prevent credential exposure during the release cycle.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 04:03 AM
Security Audit — agent-trust-hub — ship