Skills
skills/gramiojs/documentation/generate-changelog/Gen Agent Trust Hub

generate-changelog

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bunx ghlog to fetch commit data and npm info to verify package versions. These commands execute shell operations and interact with external registries to perform the skill's primary functions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes untrusted data from external GitHub repositories.
  • Ingestion points: Commit summaries and full code patches are read from /tmp/gramio-ghlog.md and /tmp/gramio-patches/ (SKILL.md Step 4 and 5).
  • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions that might be embedded within commit messages or patch files.
  • Capability inventory: The skill possesses extensive capabilities including the Bash tool for command execution and Write/Edit tools for modifying the repository's documentation and skill files.
  • Sanitization: The skill does not implement sanitization or validation of the ingested commit content before it is processed by the LLM to generate documentation and update files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 12:35 PM