injective-core-detect-changes
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user on how to install a prerequisite helper skill (
devrel-detect-breaking-changes) from a repository belonging to the same author (bguiz/devrel-agent-skills) using thenpx skills addcommand. - [INDIRECT_PROMPT_INJECTION]: The skill ingests and analyzes data from external sources, specifically GitHub release notes and changelogs.
- Ingestion points: Fetches data from
github.com/InjectiveLabs/injective-corereleases andCHANGELOG.mdfiles as specified in theSKILL.mdinstructions. - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded malicious prompts in the fetched text.
- Capability inventory: The skill's primary action with the data is to summarize it and pass it to a secondary helper skill for analysis; there are no scripts performing direct command execution or sensitive file access.
- Sanitization: There is no evidence of filtering or validation of the external content before processing.
Audit Metadata