changelog-automation

The skill's stated purpose (automating changelog generation, release notes, and version management using conventional commit patterns and semantic versioning) is coherent with its described capabilities. The install/use pattern relies on standard, reputable ecosystems (npm, PyPI, cliff, commitizen, semantic-release) and CI workflows, with credential handling confined to CI secrets as expected. There is no evident payload delivery, credential harvesting, or data exfiltration patterns. Overall, the footprint is benign and proportionate to the stated objective.