changelog-generator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW NO_CODE PROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The provided content consists entirely of markdown documentation (SKILL.md). No executable scripts (.py, .js, .sh), configuration files, or data files were found.
- [PROMPT_INJECTION] (INFO): The skill is designed to ingest and summarize git commit messages, which are untrusted external data sources. This creates a surface for Indirect Prompt Injection (Category 8).
  1. Ingestion point: git commit history.
  2. Boundary markers: None specified.
  3. Capability inventory: Text transformation and display.
  4. Sanitization: None mentioned.

  While the risk is minimal for display-only tasks, a malicious commit message could attempt to influence the agent's summarization logic.