changelog-generator
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions found that attempt to bypass safety filters or override system prompts.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes git commit history which is untrusted external data. An attacker could potentially embed malicious instructions within a commit message.
- Ingestion points: Git commit history in a local repository.
- Boundary markers: Absent from the provided markdown instructions.
- Capability inventory: Read git history, generate markdown text.
- Sanitization: Not explicitly defined in the skill instructions.
- REMOTE_CODE_EXECUTION (SAFE): The skill does not include any scripts, command execution, or remote code loading.
- DATA_EXFILTRATION (SAFE): No network operations, hardcoded credentials, or exfiltration patterns were detected.
Audit Metadata