breaking_change_detector
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing 'deepdiff' and 'jsonschema' via pip. These are legitimate, widely-used libraries for data comparison and schema validation.- [COMMAND_EXECUTION]: The instructions include creating and executing a Python script ('detect_breaking_changes.py') within a GitHub Actions CI pipeline to automate schema validation.- [PROMPT_INJECTION]: The skill evaluates external JSON/Pydantic schemas, which constitutes a surface for indirect prompt injection.\n
- Ingestion points: External schema files compared during the CI process in 'backend/schemas/baseline/'.\n
- Boundary markers: None explicitly mentioned in the instructions.\n
- Capability inventory: The script can fail CI builds and provides feedback on schema differences; no network exfiltration or unauthorized file-system modifications are described.\n
- Sanitization: The skill utilizes structured data processing libraries ('deepdiff') to compare schema properties rather than interpreting natural language descriptions within the schemas.
Audit Metadata