release-notes
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
Full Analysis
- Safe Script Execution: The skill includes a TypeScript script (
scripts/format-release-notes.ts) that handles data transformation locally. It does not perform any network requests, shell command executions, or file system modifications. - Secure Resource Management: The script accesses bundled resources like the style guide through the platform's execution context (
ctx.files), which is the recommended practice for accessing skill-specific assets. - Input Processing: The skill processes user-provided inputs to generate release notes. While this involves handling external data, the script performs basic formatting without executing the input as code or using it in a way that would bypass safety guidelines.
- Minimal Permissions: The skill does not request or use any sensitive tools or system-level permissions, adhering to the principle of least privilege.
Audit Metadata