Skills
skills/didi/mpx/changelog-generator/Gen Agent Trust Hub

changelog-generator

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands (specifically git log and git diff) to retrieve the commit history and code changes necessary for generating the changelog.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external sources.
  • Ingestion points: The agent reads content from git commit messages and source code diffs (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat commit messages as untrusted data or to ignore embedded instructions within those messages.
  • Capability inventory: The skill allows the agent to read git logs and write to the local file system (creating/modifying CHANGELOG.md).
  • Sanitization: There is no evidence of sanitization or filtering of the commit messages before they are processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 06:46 AM