Skills
skills/everyinc/compound-engineering-plugin/ce-promote/Gen Agent Trust Hub

ce-promote

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local git and GitHub CLI commands, such as git diff, git log, and gh pr view, to extract context about recently shipped features. It also interacts with the spiral CLI for authentication, state detection, and generating marketing drafts.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the @every-env/spiral-cli package from the npm registry and uses npx to execute its setup routines. These resources are provided by the skill's vendor to enable optional personalized drafting features.
  • [PROMPT_INJECTION]: The skill processes external data that could contain malicious instructions designed to manipulate the generated marketing copy.
  • Ingestion points: Pull request titles and bodies retrieved via gh pr view, git diff outputs, and local changelog files.
  • Boundary markers: Untrusted data from these sources is interpolated into drafting prompts without using explicit delimiters or instructions to ignore embedded commands.
  • Capability inventory: The agent can read local files, execute shell commands, and transmit the generated summaries to the vendor's API for processing.
  • Sanitization: No sanitization or filtering is performed on the ingested content before it is used for prompt generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 06:29 AM
Security Audit — agent-trust-hub — ce-promote