changelog
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes content from the `readme.txt` file to determine its editing logic.
  - Ingestion points: The agent reads the local `readme.txt` file.
  - Boundary markers: No delimiters or instructions are provided to the agent to distinguish between file content and its own operational instructions.
  - Capability inventory: The skill uses `Read` and `Edit` tools to modify the filesystem.
  - Sanitization: There is no validation or cleaning of the data read from the file before processing.
- [EXTERNAL_DOWNLOADS]: References a GitHub issue link from the author's own repository (`github.com/bonny/WordPress-Simple-History`) to provide an example of the desired changelog entry format.
Audit Metadata