skills/seqis/openclaw-skills-converted-from-claude-code/agent-changelog-generator/Gen Agent Trust Hub
agent-changelog-generator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from processed data.
- Ingestion points: Reads git commit history via
git log. - Boundary markers: Absent; no delimiters or instructions are provided to the agent to disregard instructions potentially embedded within commit messages.
- Capability inventory: The agent has access to
Bash,Write,Edit, andmcp__sequential-thinking__sequentialthinking. - Sanitization: Absent; the agent transforms commit messages directly into documentation output without filtering.
- [COMMAND_EXECUTION]: Uses shell commands to interact with the local repository.
- Evidence: The workflow utilizes
git log $(git describe --tags --abbrev=0)..HEADto retrieve commit data for analysis.
Audit Metadata