astro-release
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes commands using the GitHub CLI (
gh) to manage project milestones and retrieve pull request details. It also usesnpm viewto verify package versions andpbcopyto provide content for user review. - [PROMPT_INJECTION]: The skill aggregates community contributors by reading comments and reviews from public GitHub repositories. This constitutes an indirect prompt injection surface.
- Ingestion points: Pull request and issue comments from the
withastro/astroandwithastro/docsrepositories. - Boundary markers: No explicit markers are used for the external comment data, but the agent is directed to specific repositories.
- Capability inventory: Execution of shell commands via
ghandnpm, and state modification on Linear. - Sanitization: The skill uses
jqto extract only specific metadata (logins and URLs), effectively filtering out potentially malicious instruction content from the processed output.
Audit Metadata