launch
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill contains no scripts or binary executables, consisting solely of markdown instructions and reference patterns.
- [PROMPT_INJECTION]: The skill ingests untrusted data from pull requests and commits to generate changelogs, creating an indirect prompt injection surface; however, this is mitigated by the skill's lack of execution capabilities and strict plan-only boundaries.
- [SAFE]: External tool references are limited to well-known, industry-standard utilities for versioning and deployment planning, and no remote code execution patterns or downloads from untrusted sources were found.
Audit Metadata