changelog-auto

Warn

Audited by Socket on Feb 21, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected. This skill contains bash scripts that implement changelog generation from git commit history and optional release integration. The capabilities, file accesses, and actions align with the declared purpose. There are no signs of credential harvesting, external data exfiltration, remote downloads, obfuscation, or other malicious behavior in the provided code. Operational cautions: running scripts that auto-commit and tag should be done with repository access awareness; the placeholder invocation /changelog-auto should be validated in the runtime environment to ensure it runs the expected binary/script. Overall the code appears benign but with moderate operational risk if run in untrusted environments.

Confidence: 88%
Severity: 75%
Audit Metadata
Analyzed At: Feb 21, 2026, 12:25 PM
Package URL: pkg:socket/skills-sh/manastalukdar%2Fclaude-devstudio%2Fchangelog-auto%2F@56afcec0b3ac7a480b26725b575fada7a646ff96