Skills
skills/modelcontextprotocol/csharp-sdk/bump-version/Gen Agent Trust Hub

bump-version

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to perform repository operations, specifically gh release list to identify previous versions and gh pr create to submit version bumps for review.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data (Pull Request titles and bodies) to perform its core SemVer assessment logic.
  • Ingestion points: PR metadata (titles and bodies) retrieved from the GitHub API/CLI are used to classify changes as MAJOR, MINOR, or PATCH.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious commands embedded within the PR descriptions.
  • Capability inventory: The skill has the capability to write to the local file system (src/Directory.Build.props), create git branches, commit changes, and push to the remote repository to create pull requests.
  • Sanitization: The instructions do not specify any validation, sanitization, or filtering of the content retrieved from PRs before it is evaluated by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 02:54 PM
Security Audit — agent-trust-hub — bump-version