changelog-updater
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes standard system binaries (git and gh) to retrieve repository history and pull request metadata. The commands are used strictly for data retrieval (e.g., git log, git tag, gh pr view) and follow predefined templates within the skill instructions.
- [PROMPT_INJECTION]: The skill processes data from external sources (commit messages and pull requests) that may contain untrusted content.
  1. Ingestion points: Data is ingested from the repository filesystem and terminal output of git/GitHub commands.
  2. Boundary markers: No explicit delimiters or ignore instructions are provided for the source text.
  3. Capability inventory: The skill performs file reads, file writes (to the changelog), and repository-specific git/GitHub queries.
  4. Sanitization: No explicit content filtering or escaping is performed on the ingested commit or PR data.
Audit Metadata