change-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted git commit messages and file change statistics which can be influenced by external contributors to the repository.\n
- Ingestion points: git log history and output from the get-changes.sh script (git status and diff).\n
- Boundary markers: Absent; the prompt instructions do not provide delimiters or warnings to the agent to distinguish git data from instructions.\n
- Capability inventory: The skill correctly limits its scope to read-only git operations and lacks network access or file-writing permissions.\n
- Sanitization: Absent; the agent is not instructed to sanitize or escape commit messages before analysis.
Audit Metadata