Skills
skills/flitzrrr/opencode-processing-skills/release-notes/Gen Agent Trust Hub

release-notes

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local git and gh (GitHub CLI) commands to retrieve repository history, tags, and create releases. These operations are restricted to standard developer workflows and occur within the local environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from git commit logs.
  • Ingestion points: Commit messages, tags, and PR references sourced via git log.
  • Boundary markers: No explicit delimiters are used in the prompt instructions to isolate commit data from the agent's logic.
  • Capability inventory: The skill has the ability to write to the file system (CHANGELOG.md) and interact with GitHub via the CLI.
  • Sanitization: There is no evidence of sanitization or filtering applied to the commit history before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 08:34 AM