changelog-generator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands such as 'git log' and 'git describe' to retrieve commit data and tags. These are standard read-only operations necessary for the skill's primary function of analyzing repository history.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes git commit messages, which may contain malicious instructions from external contributors.
  * Ingestion points: Commit history retrieved via git commands in 'SKILL.md'.
  * Boundary markers: No explicit delimiters or ignore-instructions are used to isolate commit data from the agent's core logic.
  * Capability inventory: The agent is tasked with summarizing, filtering, and formatting text into a changelog.
  * Sanitization: There is no evidence of filtering or escaping performed on the commit strings before processing.