claude-code-plugin-release

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing external data from GitHub release notes.
      • Ingestion points: The scripts/generate_changelog.js script reads release data from stdin during the changelog generation step.
      • Boundary markers: No delimiters or ignore-instructions warnings are used when writing external content to the CHANGELOG.md file.
      • Capability inventory: The skill has the capability to perform high-impact actions including npm publish, git push, and gh release create (documented in SKILL.md).
      • Sanitization: The scripts/generate_changelog.js script does not perform any sanitization or validation of the r.body field before outputting it.
  • [COMMAND_EXECUTION]: The skill performs several powerful shell operations as part of its standard workflow.
      • The workflow executes npm publish, which can modify the state of public package registries.
      • The workflow executes git push and gh release create, which can modify the state of the remote repository and its releases.
      • The skill accesses and executes code from a non-standard local path (~/Scripts/claude-mem/), which may lead to security or stability issues if the environment contains unexpected or malicious scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 09:37 PM