cmux-release
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes repository-local shell scripts
./scripts/bump-version.shand./scripts/release-pretag-guard.shto handle versioning logic and pre-release verification. - [COMMAND_EXECUTION]: It employs standard command-line interfaces including
gitfor tag management and pushing, and the GitHub CLI (gh) to watch release workflow status. - [SAFE]: References to sensitive secrets (e.g., Apple certificate passwords) are documented only as environment requirements for the GitHub Actions pipeline; no credentials are hardcoded or exfiltrated.
- [SAFE]: All external download links and repository references point to the vendor's official GitHub organization (
manaflow-ai), representing legitimate development workflows.
Audit Metadata