update-changelog-md

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git log to retrieve commit history and the date command to generate release timestamps. These are standard system utilities required for the skill's primary purpose of maintaining a changelog based on repository history.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via git commit messages.
    • Ingestion points: Reads commit messages from git log and existing content from CHANGELOG.md.
    • Boundary markers: No delimiters or safety instructions are used to separate the ingested data from the agent's internal instructions.
    • Capability inventory: The skill has the ability to write to the file system (CHANGELOG.md) and execute shell commands (git, date).
    • Sanitization: There is no evidence of sanitization or filtering of the commit message content before processing.
  • [SAFE]: No evidence of hardcoded credentials, unauthorized network activity, obfuscation, or persistence mechanisms was found. The skill's behavior is consistent with its stated purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 05:11 AM