app-store-changelog
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection via git history. Malicious actors could place instructions in commit messages to manipulate the agent's output.
  1. Ingestion points: git log output in scripts/collect_release_changes.sh (commit messages and file paths).
  2. Boundary markers: absent.
  3. Capability inventory: subprocess execution of git and text generation for release notes.
  4. Sanitization: none.
- [COMMAND_EXECUTION] (LOW): Potential command injection in scripts/collect_release_changes.sh due to the unquoted variable ${range} when calling git log. If the agent passes unvalidated user input as a tag or reference, this could lead to unintended command execution or argument injection.
Audit Metadata