injective-core-detect-changes

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user on how to install a prerequisite helper skill (devrel-detect-breaking-changes) from a repository belonging to the same author (bguiz/devrel-agent-skills) using the npx skills add command.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests and analyzes data from external sources, specifically GitHub release notes and changelogs.
  • Ingestion points: Fetches data from github.com/InjectiveLabs/injective-core releases and CHANGELOG.md files as specified in the SKILL.md instructions.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded malicious prompts in the fetched text.
  • Capability inventory: The skill's primary action with the data is to summarize it and pass it to a secondary helper skill for analysis; there are no scripts performing direct command execution or sensitive file access.
  • Sanitization: There is no evidence of filtering or validation of the external content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 11:59 AM