Skills
skills/florianbruniaux/claude-code-ultimate-guide/release-notes-generator/Gen Agent Trust Hub

release-notes-generator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection attacks.
  • Ingestion points: The skill ingests untrusted data from git log and the GitHub API (gh api), specifically commit messages, pull request titles, and descriptions which can be controlled by external contributors.
  • Boundary markers: The skill lacks explicit delimiters or specific instructions to the model to disregard instructions embedded within the processed git/PR content.
  • Capability inventory: The skill possesses the capability to execute shell commands (git, gh) and write files to the local directory (e.g., CHANGELOG.md).
  • Sanitization: There is no evidence of text sanitization or escaping of the external content before it is processed for "Tech-to-Product" transformation.
  • [COMMAND_EXECUTION]: The skill relies on executing system commands to perform its primary functions.
  • Evidence: It invokes git tag, git log, git show, and git diff for repository analysis, and gh api for fetching metadata from GitHub. These are standard operations for a release tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:07 AM