skills/manaflow-ai/cmux/release/Gen Agent Trust Hub

release

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs routine software release tasks that are consistent with its stated purpose and the provided author context.
  • [COMMAND_EXECUTION]: The skill executes local shell commands and scripts to manage the release cycle.
    • Evidence: Uses git for branching and tagging, gh for PR management, and local scripts like ./scripts/bump-version.sh and ./scripts/release-pretag-guard.sh for metadata updates.
    • Context: These operations are restricted to standard development workflows within the project repository and involve expected release management tools.
  • [PROMPT_INJECTION]: The skill processes metadata from external sources such as Git logs and GitHub PRs/issues, which represents a potential indirect prompt injection surface.
    • Ingestion points: Reads contributor handles and change descriptions from git log, gh pr view, and gh issue view in SKILL.md.
    • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands in the retrieved data.
    • Capability inventory: The agent has the ability to modify the repository (git commit/push/tag) and execute local scripts.
    • Sanitization: No explicit sanitization or validation of the data retrieved from external GitHub sources is described.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 01:28 PM