wiki-changelog
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes local git commands (`git remote`, `git log`) to perform its primary function of changelog generation.
- [PROMPT_INJECTION] (LOW): Susceptible to indirect prompt injection through repository data.
  1. Ingestion points: Git commit messages and file metadata read via `git log` (SKILL.md).
  2. Boundary markers: Absent; no specific delimiters are used to wrap untrusted log content.
  3. Capability inventory: Local git command execution and filesystem access (SKILL.md).
  4. Sanitization: Absent; commit messages are processed without escaping or validation.
Audit Metadata