release-notes
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes and instructs the user to run a local Python script (
scripts/release_notes_generator.py) to process structured release data. This script performs file reading and text formatting based on user-provided JSON input.\n- [PROMPT_INJECTION]: The skill is designed to process technical entries gathered from external, untrusted sources which exposes the agent to indirect prompt injection.\n - Ingestion points: Technical changes gathered from Jira, Linear, Git logs, and PRD references (SKILL.md, Step 1) as well as the JSON file input for the generator script.\n
- Boundary markers: There are no defined delimiters or specific instructions for the AI agent to ignore potentially malicious instructions embedded in the input data.\n
- Capability inventory: The agent performs rewriting tasks on the data and interacts with a local script that can read files and output to the terminal.\n
- Sanitization: The skill does not implement or recommend any sanitization or validation mechanisms to filter out instructional content from the technical logs before processing.
Audit Metadata