publish-release

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh CLI for listing and creating GitHub releases, and uses git (via diffing) to manage release body updates. It explicitly mandates using --draft to prevent accidental publications.
  • [REMOTE_CODE_EXECUTION]: The skill extracts C# code blocks from markdown documentation and builds them in a temporary project. This dynamic execution is a standard functional step to ensure the validity of SDK documentation.
  • [PROMPT_INJECTION]: The skill processes content from PR descriptions and markdown files, which represents an indirect prompt injection surface.
    • Ingestion points: Pull request metadata and README files (SKILL.md Step 3 and Step 5).
    • Boundary markers: None explicitly implemented; safety relies on the PR being previously merged into a trusted branch.
    • Capability inventory: File system modification for test projects and execution of the gh command-line tool.
    • Sanitization: The skill does not implement specific sanitization or escaping for the extracted code snippets or PR text.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 26, 2026, 10:22 AM