changelog-generator
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
NO_CODE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill instructs the agent to analyze git commit history, which is untrusted external data. Attackers can embed malicious instructions in commit messages to influence the agent's logic or output.
  * Ingestion points: git commit history (as described in SKILL.md).
  * Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions within the commits.
  * Capability inventory: Analyzes and summarizes history, with the suggested capability to write to CHANGELOG.md.
  * Sanitization: Absent.
- [No Code] (INFO): The skill contains no executable scripts, binaries, or configuration files for dependency management, relying solely on natural language instructions for the agent's operation.