gen-release-notes
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on shell com m and s like
git log,git diff, andgh pr listto extract repository metadata. It uses$AR G UMENTSto specify the starting tag for the comparison. - [IN D I RECT_PROMPT_IN J ECTION]: The skill proces s es untrusted com m it mes s ages and pul l request titles to generate des c ription s for the changelog. This pres ent s a potential surface for in d i rec t prom p t inj ec t ion where malicious con t en t in a com m it coul d at t em p t to influence the agen t's out p ut for m a t t ing or categorization logic.
- In g es t ion poin t s: Data is sourced from local git logs (
git log) and ext er n al pul l request sum m a ries (gh pr list). - Boun d a ry mar k er s: The in s t r uc t ion s do not def ine spec i f ic boun d a ries or ig n or e-in s t r uc t ion war n ing s for the proces s ed com m it data.
- Capabil i t y inv en t or y: The skill has ac c es s to shell exec u t ion (
git,gh) and local file sy s t em mod i f ic a t ion (CHANGELOG.md). - San i t iz a t ion: Com m it mes s ages and PR data ar e proces s ed wit h out exp l ic it san i t iz a t ion or fil t er ing of in s t r uc t ion s.
Audit Metadata