create-release-notes

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute git commands (such as git tag and git log) to programmatically gather commit history and version tags for the release documentation process.
  • [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection due to its handling of data from external contributors.
    • Ingestion points: Data is ingested from git commit messages and PR descriptions in SKILL.md (Workflow Step 3).
    • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are specified in the instructions for processing this external text.
    • Capability inventory: The skill has permissions for Bash, Write, and Read tools, which could be exploited if malicious instructions in a PR description are executed by the agent.
    • Sanitization: There is no evidence of sanitization, filtering, or validation of the text retrieved from the git history.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 08:10 AM