release-orchestrator
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill provides a clear workflow for release management with appropriate templates and examples.
- [COMMAND_EXECUTION]: The skill includes a local helper script
scripts/build_release_packet.pyused to format release data. The script is executed by the agent and uses standard Python libraries (json,sys,pathlib) for processing local data. - [PROMPT_INJECTION]: The skill processes user-supplied release notes, which is a standard data ingestion surface for this use case.
- Ingestion points: Release scope, risky changes, and migration details gathered in the workflow (SKILL.md).
- Boundary markers: Absent; the skill relies on the agent to interpret the inputs according to the provided reference templates.
- Capability inventory: Local script execution for markdown report generation.
- Sanitization: None identified; the script performs a standard JSON load and string formatting.
Audit Metadata