changelog-generator
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run standard git commands, including `git log` and `git remote get-url origin`, to retrieve commit history and repository metadata. These operations are essential for the skill's primary function and occur entirely within the local repository context.
- [PROMPT_INJECTION]: The skill processes untrusted data from git commit messages (Indirect Prompt Injection surface). An assessment of this surface follows:
  - Ingestion points: Commit subjects and bodies parsed from `git log` output.
  - Boundary markers: None identified; commit content is interpolated directly into the classification logic.
  - Capability inventory: The skill is limited to text generation and markdown formatting; it lacks capabilities for network exfiltration, file system writes (other than documentation), or code execution.
  - Sanitization: The workflow utilizes specific regular expressions to extract structured metadata (PR numbers and issue IDs), providing a layer of validation for external content.
- [DATA_EXPOSURE]: No sensitive data access or exfiltration patterns were detected. The skill only processes public commit metadata and author names to generate documentation.
Audit Metadata