Skills
skills/ismxy0934/qing-skills/release-skills/Gen Agent Trust Hub

release-skills

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from external sources.
  • Ingestion points: Commit messages are retrieved via git log and pull request details are fetched using gh pr view.
  • Boundary markers: The workflow does not explicitly define markers to isolate this untrusted content.
  • Capability inventory: The agent can perform sensitive actions such as git commit, git tag, and git push.
  • Sanitization: No explicit sanitization or validation of the commit/PR data is specified before it is used to generate changelogs. However, this surface is inherent to the skill's primary purpose of release automation.
  • [COMMAND_EXECUTION]: The skill utilizes several command-line tools to perform its tasks.
  • Tool list: It executes git for version control management and gh (GitHub CLI) for PR and repository interaction.
  • Context: These commands are used for legitimate, expected operations like analyzing history, committing changes, and pushing tags to remote repositories.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 09:02 AM