app-store-changelog
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill runs standard git commands like
git log,git describe, andgit tag. These are restricted to reading repository history and are necessary for the skill's function. - PROMPT_INJECTION (LOW): The skill is subject to indirect prompt injection (Category 8) because it processes git commit messages which could be attacker-controlled. 1. Ingestion points: Commit messages via
git log. 2. Boundary markers: None (no delimiters used in the prompts). 3. Capability inventory: Read-onlygitcommands. 4. Sanitization: None. The risk is minimal as the output is restricted to text generation and no high-privilege operations are available.
Audit Metadata