changelog-generator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection via ingestion of untrusted commit messages.\n
- Ingestion points: Processes external git commit history and local style files (SKILL.md).\n
- Boundary markers: Absent. The skill provides no delimiters or instructions to ignore embedded commands within processed data.\n
- Capability inventory: Implies read access to repository history and suggests file writing for creating changelog entries.\n
- Sanitization: Absent. No evidence of content filtering or sanitization.\n- [NO_CODE] (LOW): The skill contains only markdown-based instructions without any executable scripts, limiting analysis to the logic provided in the text.
Audit Metadata