changelog-writer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted data from git logs, PR titles, and issue descriptions, which could contain malicious instructions.
      • Ingestion points: git log output, PR titles, and issue references listed in the 'Commit Analysis' section of SKILL.md.
      • Boundary markers: Absent. There are no specific delimiters or instructions for the agent to ignore prompt-like content within commit messages.
      • Capability inventory: Shell command execution via git, npm, cargo, and gh CLI tools as documented in SKILL.md.
      • Sanitization: Absent. The skill provides no logic for escaping or validating the content of commit messages before processing.
  • [Command Execution] (SAFE): The skill uses standard git history and GitHub CLI commands (git log, gh release create) which are necessary for its primary functionality.
  • [External Downloads] (SAFE): Mentions installation of conventional-changelog-cli and git-cliff from official registries (npm and crates.io). These are established development tools relevant to the skill's purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:33 PM