Changelog Management
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Git and PowerShell commands to manage repository metadata.
- Evidence: Uses `git tag -l`, `git log`, and PowerShell's `Select-String` to identify version boundaries and extract commit history.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from Git commit logs.
- Ingestion points: Commits retrieved via `git log` (Workflow Step 2) are processed to generate changelog entries.
- Boundary markers: Absent; there are no delimiters or instructions to the agent to ignore instructions embedded within commit messages.
- Capability inventory: The skill has permissions to read and write local files (`CHANGELOG.md`, `Directory.Build.props`) and execute Git CLI commands.
- Sanitization: Absent; commit messages are parsed and consolidated directly into the final output without filtering for malicious instructions.
- [PROMPT_INJECTION]: The skill uses instructional markers to enforce specific task logic.
- Evidence: Uses "CRITICAL" labels to ensure the agent prioritizes git tag checking and commit consolidation over other formatting rules.
Audit Metadata