manage-change-control
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted external data while the agent has access to powerful system tools, creating a vulnerability to indirect prompt injection.
- Ingestion points: The skill explicitly lists "Vendor release notes or technical documentation" and "Change description" as inputs in
SKILL.md. - Boundary markers: Absent. The provided templates do not utilize delimiters or specific instructions to treat external input as untrusted data.
- Capability inventory: The skill metadata (
allowed-tools) authorizes the use ofBash,Write,Edit,Read,Grep, andGlob. - Sanitization: Absent. There are no procedural steps defined to validate, escape, or sanitize external content before processing.
- [NO_CODE]: The skill is composed entirely of Markdown documentation and templates. It does not include any embedded scripts, configuration files for package managers, or executable binaries.
Audit Metadata