git-publish-release
Automates GitHub releases and generates professional release notes by analyzing project history and changes.
Install this skill
or
68/100
Security score
The git-publish-release skill was audited on May 12, 2026 and we found 6 security issues across 4 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
medium line 77
Template literal with variable interpolation in command context
SourceSKILL.md
| 77 | ```bash |
medium line 19
Access to hidden dotfiles in home directory
SourceSKILL.md
| 19 | - 因本 skill 设计缺陷导致的 bug,先用 `bensz-collect-bugs` 规范记录到 `~/.bensz-skills/bugs/`,不要直接修改用户本地已安装的 skill 源码;若有 workaround,先记 bug,再继续完成任务。 |
medium line 211
Access to hidden dotfiles in home directory
SourceSKILL.md
| 211 | 4. **认证管理**:`gh` CLI 使用系统 keychain 或 `~/.config/gh/hosts.yml` 存储凭证,无需手动管理 token |
high line 211
Access to system keychain/keyring
SourceSKILL.md
| 211 | 4. **认证管理**:`gh` CLI 使用系统 keychain 或 `~/.config/gh/hosts.yml` 存储凭证,无需手动管理 token |
low line 193
External URL reference
SourceSKILL.md
| 193 | - GitHub CLI 文档:https://cli.github.com/manual/gh_release_create |
low line 199
External URL reference
SourceSKILL.md
| 199 | | `gh` 未安装 | 提示安装:`brew install gh` 或访问 https://cli.github.com | |
Scanned on May 12, 2026
View Security Dashboard