changelog-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill files. The instructions follow established software development best practices.
- [EXTERNAL_DOWNLOADS]: The skill references reputable tools and packages from official registries such as NPM (standard-version, semantic-release) and PyPI (commitizen). It also uses official and well-known GitHub Actions (actions/checkout, actions/setup-node), which are trusted sources.
- [DATA_EXFILTRATION]: The skill demonstrates the correct and secure use of CI/CD secrets (e.g., GITHUB_TOKEN) within GitHub Actions workflows. It explicitly includes a safety warning to avoid exposing secrets in release notes.
Audit Metadata