semantic-release

Automates versioning and release management for Node.js projects using semantic-release, enhancing CI/CD workflows.

Install this skill

60/100

Security score

The semantic-release skill was audited on Mar 7, 2026 and we found 4 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 122

Template literal with variable interpolation in command context

SourceSKILL.md

122	Level 1: Skill - `${CLAUDE_PLUGIN_ROOT}/skills/semantic-release/` (Generic templates, system-wide tool)

medium line 265

Template literal with variable interpolation in command context

SourceSKILL.md

265

```yaml

high line 272

Template literal with variable interpolation in command context

SourceSKILL.md

272	> Note: The `@semantic-release/exec` plugin uses Lodash templates (`${var}`). This conflicts with bash default syntax (`${VAR:-default}`) and subshell syntax (`$(cmd)`). Preferred fix: remove

medium line 73

Access to system keychain/keyring

SourceSKILL.md

73	# Credentials stored in keyring

Scanned on Mar 7, 2026

View Security Dashboard

Install this skill with one command

/learn @terrylica/semantic-release

GitHub Stars 17

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw backend api backend-developer devops-sre product-manager github development product

terrylica/cc-skills