release-pr-gates

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute local quality gate checks using standard development tools including npm, bun, bunx, and tsc. While these tools execute scripts defined within the local repository's configuration (e.g., package.json), they represent the intended functionality for a release management skill.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of external repository data.
      • Ingestion points: The agent reads untrusted data from GitHub Actions logs (gh run view --log) and pull request metadata (gh pr list).
      • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands when processing log output or PR content.
      • Capability inventory: The skill possesses the capability to execute shell commands via git and gh, and potentially others if the allowed-tools restriction is not strictly enforced by the platform.
      • Sanitization: There is no evidence of sanitization or filtering applied to the external log data before it is processed by the agent to create summaries.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 20, 2026, 01:13 PM