Skills
skills/claudedjale/skillset/wiki-changelog/Gen Agent Trust Hub

wiki-changelog

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes standard local git commands including git remote get-url origin and git log. These operations are essential for the skill's primary function of analyzing repository history.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from commit messages.
  • Ingestion points: Processes output from git log which consists of strings provided by any user with commit access to the repository.
  • Boundary markers: The prompt lacks explicit delimiters or instructions to the agent to disregard instructions found within commit messages.
  • Capability inventory: The skill uses subprocess calls for git operations and formats external data for agent output.
  • Sanitization: No validation or filtering is applied to the commit history before it is passed to the LLM for summarization.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:34 AM