changelog-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The analyzed file consists purely of instructional markdown content. No executable scripts, binaries, or automated tool configurations were found.
- Indirect Prompt Injection (LOW): The skill's primary function is to process untrusted data (git commits, pull requests, and release notes). Although no implementation code is provided, this represents a potential attack surface.
  - Ingestion points: Git commits, Pull Requests, and Releases (SKILL.md).
  - Boundary markers: Absent; no delimiters or ignore-instructions are specified for the processed content.
  - Capability inventory: The instructions suggest the use of tools to 'Configure tooling' and 'Enforce conventions' (SKILL.md).
  - Sanitization: Absent; the skill lacks specific guidance on sanitizing or escaping content from commit messages.
Audit Metadata