Skills
skills/florianbruniaux/claude-code-ultimate-guide/release-notes-generator/Gen Agent Trust Hub

release-notes-generator

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted external data from git history and GitHub PR metadata to generate releases.\n
  • Ingestion points: Untrusted content enters the context via git log and gh api commands used to fetch commit messages and pull request details as specified in SKILL.md.\n
  • Boundary markers: The skill instructions do not define specific delimiters or "ignore embedded instructions" prompts to isolate the external data from the skill's own operational instructions.\n
  • Capability inventory: The skill possesses capabilities to execute shell commands (git, gh) and perform file system writes (updating CHANGELOG.md), which increases the potential impact of a successful injection.\n
  • Sanitization: There is no documentation of sanitization or validation logic to filter out instructional content from the ingested commit or PR data before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 03:43 PM