Release Manager

Review

Audited by ClawScan on May 1, 2026.

Overview

The skill appears to be a purpose-aligned release-management helper, but its release and rollback command examples should be reviewed before anyone runs them.

Use this skill in repositories you control, review its generated changelogs and version recommendations, and require explicit approval before pushing tags, creating releases, running rollback steps, clearing caches, or applying database migrations.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill may help process local repository history and generate release artifacts such as changelogs or reports.

Why it was flagged

The skill documents user-run local commands that read repository history and execute included Python scripts. This is central to the release-management purpose and is not hidden, but it is still local tool execution over project data.

Skill content

git log --oneline --since="1 month ago" | python changelog_generator.py

Recommendation

Run the scripts only in intended repositories and review generated outputs before committing, publishing, or using them in automation.

What this means

Blindly following generated rollback steps could disrupt a live service or change production data state.

Why it was flagged

The sample rollback plan contains commands that could affect databases, caches, or deployed services if executed. The artifacts present them as planned rollback steps with risk levels, not as automatically executed behavior.

Skill content

"command": "python manage.py migrate app 0042" ... "command": "redis-cli FLUSHALL"

Recommendation

Treat rollback commands as templates requiring explicit human approval, environment-specific validation, backups, and dry-run or staging verification where possible.

What this means

Users have less upstream context for who maintains the scripts and where updates come from.

Why it was flagged

The registry metadata does not provide a source repository or homepage, which limits provenance context. The artifacts do not show a remote installer or external dependency chain.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included files before use and prefer a trusted, version-controlled source if adopting the scripts into release automation.