git-release
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses standard development tools (
gitandgh) for their intended purposes. It performs checks to ensure the working directory is clean and the remote is up to date before proceeding.- [SAFE]: User oversight is mandated through a critical approval phase. The agent is instructed to present a full release plan and wait for explicit confirmation before executing file updates, commits, or pushes.- [PROMPT_INJECTION]: The skill processes external data (git commit history) which represents an indirect prompt injection surface. However, this risk is mitigated by specific instructions for the agent to 'Verify every change' and 'Validate changelog' against actual commits, as well as the requirement for user review of the generated output. - Ingestion points: Git commit subjects and bodies are ingested via
git login Phase 1 and 2. - Boundary markers: Absent. Commit messages are passed directly to an analysis prompt.
- Capability inventory: The skill can perform shell commands (
git commit,git push,gh release), write to the filesystem (CHANGELOG.md,package.json), and spawn sub-agents. - Sanitization: The skill uses temporary files for release notes to prevent shell argument injection, though it does not explicitly filter content for prompt injection patterns.
Audit Metadata