bmad-os-changelog-social

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE

Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes local shell commands (git tag, git log) to gather information about repository changes and contributors. These are standard operations for a development-focused tool.
  • [DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill reads CHANGELOG.md and git logs. This data is used only to generate social media content and is written to a local output directory (_bmad-output/social/). No external exfiltration was detected.
  • [INDIRECT PROMPT INJECTION] (LOW): The skill ingests untrusted data from CHANGELOG.md and git commit messages. While this could theoretically be used to influence the tone or content of the generated announcements, the risk is minimal as the AI is not performing high-privilege actions with the resulting text. Evidence:
    1. Ingestion points: CHANGELOG.md, git commit messages.
    2. Boundary markers: None specified for the read operation.
    3. Capability inventory: Writing local files, shell command execution (git).
    4. Sanitization: None specified, but the use case is restricted to text generation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 22, 2026, 11:56 PM