docs-changelog-tool
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill serves as a technical reference and development guide for a changelog management tool. It outlines architecture, synchronization rules, and testing procedures without incorporating malicious logic or dangerous commands.
- [COMMAND_EXECUTION]: The skill provides instructions for running the test suite via `dotnet test` (SKILL.md). While this involves shell execution, it is a standard and expected operation for maintaining the documented software.
- [SAFE]: The skill documentation describes a system that ingests external data from GitHub, representing a surface for indirect prompt injection:
- Ingestion points: The documented tool fetches data from external sources, specifically GitHub Pull Requests and Issues, to create changelog entries (SKILL.md).
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are provided in the skill documentation.
- Capability inventory: The skill is configured with `Read`, `Grep`, `Glob`, `Edit`, and `Bash` tools (SKILL.md).
- Sanitization: No sanitization or validation logic for external content is described in the provided guidelines.