release-prep
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses unvalidated user input ([version]) directly in prompts sent to subagents, creating a surface for indirect prompt injection.
  1. Ingestion points: The [version] parameter in references/prepare-release.md.
  2. Boundary markers: None present.
  3. Capability inventory: Subagents can execute shell commands via Bash and modify files.
  4. Sanitization: No explicit validation or sanitization of the version string is performed before interpolation.
Audit Metadata