terminal-changelog
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests external data from git commit history which could contain malicious instructions aimed at influencing the agent's output or behavior.
- Ingestion points: Commit messages fetched via
git logandgit showin Workflow steps 2 and 3. - Boundary markers: Absent; there are no instructions to the agent to disregard embedded commands within the commit text.
- Capability inventory: The skill modifies local files (
data/worlds/mansion.rec) and executes shell commands (just entities). - Sanitization: Absent; the agent directly processes and formats the commit messages into the terminal document without filtering.
- [Command Execution] (SAFE): The skill utilizes standard system utilities (
grep,git) and a task runner (just). - Evidence: Workflow steps 1, 2, 3, and 5 invoke these tools to process game data and validate entities.
- Context: These operations are consistent with the skill's stated purpose of automating development documentation and do not exhibit malicious patterns.
Audit Metadata