product-skills
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script roadmap-communicator/scripts/changelog_generator.py utilizes subprocess.run to execute the git log command.
  - Evidence: subprocess.run(cmd, capture_output=True, text=True, timeout=30) where cmd is ["git", "log", ...] in roadmap-communicator/scripts/changelog_generator.py.
  - Context: This command is used to extract commit subjects from the local repository to generate a structured changelog, which is the primary intended purpose of the script.
- [PROMPT_INJECTION]: The skill set includes tools designed to parse and analyze untrusted external data, creating an indirect prompt injection surface.
  - Ingestion points: product-manager-toolkit/scripts/customer_interview_analyzer.py (analyzes interview transcripts), research-summarizer/scripts/extract_citations.py (parses academic papers and documents), and roadmap-communicator/scripts/changelog_generator.py (parses git commit messages).
  - Boundary markers: Absent. The tools output analysis results directly without using specific delimiters or instructions to the agent to disregard embedded content.
  - Capability inventory: Local file system read/write operations and execution of the git log command via subprocess.
  - Sanitization: None detected; the tools process text content using standard regex and string manipulation.
  - Context: This ingestion surface is a fundamental requirement for the skill's document analysis and summarization capabilities and represents a standard architectural risk for such tools.
Audit Metadata