git-publish-release
Automates GitHub releases and generates professional release notes by analyzing project history and changes.
Install this skill
or
52/100
Security score
The git-publish-release skill was audited on Mar 1, 2026 and we found 12 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 83
Template literal with variable interpolation in command context
SourceSKILL.md
| 83 | ```bash |
medium line 33
Access to .env file
SourceSKILL.md
| 33 | - 自动从当前目录的 `.env` 文件读取 `GH_TOKEN` |
medium line 34
Access to .env file
SourceSKILL.md
| 34 | - 如 `.env` 不存在,自动创建并提示用户添加 token |
medium line 35
Access to .env file
SourceSKILL.md
| 35 | - 自动将 `.env` 添加到 `.gitignore`(如未添加) |
low line 44
Access to .env file
SourceSKILL.md
| 44 | # 确保 .env 存在、.gitignore 已配置,并读取 GH_TOKEN |
medium line 49
Access to .env file
SourceSKILL.md
| 49 | - `.env` 文件不存在时自动创建 |
medium line 50
Access to .env file
SourceSKILL.md
| 50 | - `.env` 未在 `.gitignore` 中时自动添加 |
medium line 199
Access to .env file
SourceSKILL.md
| 199 | | .env 文件不存在 | 自动创建并提示用户添加 GH_TOKEN | |
medium line 200
Access to .env file
SourceSKILL.md
| 200 | | GH_TOKEN 未设置或无效 | 提示用户在 .env 文件中设置 token | |
medium line 212
Access to .env file
SourceSKILL.md
| 212 | 5. **Token 安全**:`.env` 文件自动加入 `.gitignore`,防止意外提交 |
low line 72
External URL reference
SourceSKILL.md
| 72 | "https://api.github.com/repos/$REPO/releases" | \ |
low line 164
External URL reference
SourceSKILL.md
| 164 | "https://api.github.com/repos/$REPO/releases" \ |
Scanned on Mar 1, 2026
View Security DashboardInstall this skill with one command
/learn @huangwb8/git-publish-release