changelog-generator

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes git commit messages which represent untrusted external data. While the skill is focused on text summarization, it possesses an attack surface for indirect prompt injection.
    - Ingestion points: Commit history retrieved via git log (specified in SKILL.md).
    - Boundary markers: The instructions do not define specific delimiters to wrap commit data or provide 'ignore embedded instructions' warnings for the processing phase.
    - Capability inventory: The skill's capabilities are limited to text analysis and summarization; it does not perform network operations, sensitive file writes, or high-privilege command execution.
    - Sanitization: No sanitization, validation, or filtering of the commit message content is implemented before the agent processes the strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:27 AM