hs-release
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local repository scripts (
./scripts/release.sh,./scripts/generate-docs-skill.sh) and standard development tools (git,gh,uv,npx). These operations are consistent with the skill's stated purpose of managing a software release. - [COMMAND_EXECUTION]: Performs high-privilege git operations, specifically pushing commits and tags directly to the
mainbranch. This action triggers automated publication via GitHub Actions. The instructions include explicit warnings and verification steps to mitigate the risk of unintended releases. - [PROMPT_INJECTION]: The skill utilizes an LLM via the
generate-changelogcommand to summarize git commit logs. This presents a surface for indirect prompt injection where malicious content in commit messages could influence the generated changelog summary. - Ingestion points: Git commit logs processed by
generate-changeloginSKILL.md. - Boundary markers: Not explicitly defined in the CLI command.
- Capability inventory: Shell script execution, file writes, and git/GitHub operations (
git,gh,./scripts/release.sh). - Sanitization: Not specified for the processed commit logs.
Audit Metadata