release-cleanup
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses bash to execute git, gh (GitHub CLI), and jq commands. These are utilized for repository state discovery, branch classification, and pruning operations.
- [EXTERNAL_DOWNLOADS]: The skill interacts with GitHub APIs via the official gh command-line tool to fetch Pull Request metadata. This interaction targets a well-known service and is necessary for the skill's primary function of detecting squash-merged branches.
- [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration. The skill reads repository metadata and PR statuses to perform its cleanup tasks. It stores temporary PR data in
/tmp/rc_prs.jsonfor processing, but does not transmit sensitive user data to external third-party domains. - [PROMPT_INJECTION]: No malicious prompt injection patterns or attempts to override agent safety protocols were detected. The instructions are focused on providing a logical, structured sequence for git maintenance.
- [COMMAND_EXECUTION]: Branch deletion is performed using
git branch -d(and-Das a fallback for verified squash-merges) andgit push origin --delete. These destructive operations are gated by a verification phase and require explicit user confirmation before execution.
Audit Metadata