release-github-release
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from git commit logs to generate release notes and determine versioning logic. This creates a surface for indirect prompt injection where malicious content in a commit message could attempt to influence the agent's behavior. The risk is mitigated by mandatory user approval steps.\n
- Ingestion points: Git commit history and tags retrieved via shell commands (SKILL.md).\n
- Boundary markers: None; the agent processes raw log output without delimiters.\n
- Capability inventory: Execution of shell commands including git and gh (SKILL.md).\n
- Sanitization: None; the system relies on manual human review of the draft version and notes.
Audit Metadata