Skills
skills/elastic/elastic-docs-skills/docs-serverless-changelog/Gen Agent Trust Hub

docs-serverless-changelog

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches PR metadata and documentation guidelines from the official elastic/docs-content repository on GitHub to ensure accuracy and consistency in voice and tone.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from GitHub PRs (titles, descriptions, comments) and local Markdown files, which represents an indirect prompt injection surface.
  • Ingestion points: Raw Markdown tool output and GitHub PR metadata (titles, bodies, comments, and diffs).
  • Boundary markers: Absent. The instructions do not specify the use of delimiters or instructions to ignore potential commands embedded in the fetched content.
  • Capability inventory: File system access (Read, Grep) and restricted shell access via the GitHub CLI (Bash(gh *)).
  • Sanitization: Absent. The skill processes external data directly to refine and format changelog entries.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 03:04 PM