Skills
skills/kweaver-ai/skills/changelog-release-notes/Gen Agent Trust Hub

changelog-release-notes

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git diff and git log commands to analyze repository changes. This is expected behavior for its primary purpose of generating release notes.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) because it processes untrusted data from repository history and files.
  • Ingestion points: VERSION, CHANGELOG*, git diff, git log, and changed source files.
  • Boundary markers: Absent.
  • Capability inventory: Read/write access to repository files and execution of git commands.
  • Sanitization: Absent.
  • [SAFE]: No instances of data exfiltration, credential exposure, obfuscation, or unauthorized external downloads were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 02:52 AM