add-changeset
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local git and filesystem commands (git diff, git log, ls, git add, git commit) to analyze changes and manage versioning metadata. These operations are standard for development workflows and are scoped to the project's changeset system.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it parses untrusted data from git logs (commit messages) to determine versioning requirements. However, this risk is mitigated by the skill's narrow scope—the parsed content is used only to generate markdown documentation and git commit messages, which are typical development tasks.
  - Ingestion points: Commit messages and file names are read via git log and git diff (SKILL.md).
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands within logs are present.
  - Capability inventory: The agent is authorized to write markdown files to the .changeset/ directory and perform git commits (SKILL.md).
  - Sanitization: No explicit sanitization of commit message content is described before it is written to the changeset file body.
Audit Metadata