git-keep-a-changelog
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing multiple shell-based git commands to perform its core functions, including git log, git diff, git status, and git rev-parse to determine repository state and history.
- [PROMPT_INJECTION]: The skill defines a 'Yolo / Auto Mode' in SKILL.md which is triggered by specific user keywords ('yolo' or 'auto'). This mode explicitly instructs the agent to 'Skip Step 3 entirely' and 'Include all pending changes automatically', effectively allowing a user to bypass a checkpoint designed to prevent the accidental inclusion of uncommitted worktree changes in the project history.
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external, potentially untrusted sources.
  - Ingestion points: The agent reads full commit bodies and net diffs from the repository history as defined in SKILL.md (Step 4).
  - Boundary markers: The instructions do not define any boundary markers or special delimiters to isolate commit messages from the agent's internal instructions.
  - Capability inventory: The skill has the capability to modify the local file system (CHANGELOG.md) and execute git shell commands.
  - Sanitization: No sanitization or filtering is applied to the commit data before it is parsed and used to generate the changelog content.
Audit Metadata