releasing
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands via Git and the GitHub CLI. These operations are within the expected scope of a release automation tool. Input variables like the version number are strictly validated against a semantic versioning regular expression (
^[0-9]+\.[0-9]+\.[0-9]+$) to prevent command injection. - [REMOTE_CODE_EXECUTION]: The skill scaffolds release scripts and GitHub Action workflows into the target project. These files are created from local templates within the skill directory rather than being downloaded from external or untrusted sources.
- [DATA_EXFILTRATION]: No data exfiltration patterns were detected. Network operations are limited to authenticated GitHub API calls and Git operations targeting the user's own repository.
- [PROMPT_INJECTION]: The skill includes instructions that reinforce safety, such as explicitly requiring user confirmation before committing or pushing changes to a remote repository.
Audit Metadata