eliteforge-feature-oriented-release-flow

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates a multi-state Git release process, executing commands for branching, merging, interactive rebasing, and tagging. It also triggers project-specific deployments via make deploy. These actions are well-defined within the state machine and restricted to the repository context.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: Network activity is restricted to standard Git operations (git fetch, git push, git pull) with the configured origin remote. No unauthorized data exfiltration or external network calls were found.
  • [INDIRECT_PROMPT_INJECTION]: The skill demonstrates safe handling of untrusted user input (versions, task IDs, task names) by enforcing path segment validation and Git reference formatting.
      • Ingestion points: User-provided inputs for version, developer, taskName, and taskId in SKILL.md.
      • Boundary markers: Explicit instructions in SKILL.md to stop if inputs contain path separators ('/').
      • Capability inventory: File system writes (JSON state files), standard Git operations, and execution of local build tools (make).
      • Sanitization: Validation of filename segments in scripts/persist_release_flow_state.py and branch format verification using git check-ref-format in scripts/release_flow_state.sh.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 08:45 AM