Skills
skills/river-walras/virtus/git-auto-release/Gen Agent Trust Hub

git-auto-release

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands through the Git CLI to inspect status, create commits, and push changes to remote servers.
  • [COMMAND_EXECUTION]: The skill executes development tools like pytest and ruff by discovering relevant commands in repository documentation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and executes commands provided in external repository files.
  • Ingestion points: Uses content from AGENTS.md, README, pyproject.toml, and CI configurations as a source for executable commands.
  • Boundary markers: No specific delimiters or safety warnings are included to isolate content from these files.
  • Capability inventory: Access to shell command execution and network operations (git push).
  • Sanitization: Relies on the agent's inspection of diffs without automated validation of commands extracted from documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 11:50 AM