gspdev-changelog
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly implements its stated functionality for maintaining changelogs without any detected malicious behaviors.
- [COMMAND_EXECUTION]: Uses local shell commands to parse git history. The use of specific regex patterns for version extraction (\d+.\d+.\d+) ensures that input from files is properly constrained, minimizing the risk of command injection.
- [PROMPT_INJECTION]: The skill ingests git commit messages, which are externally controlled data, creating an indirect prompt injection surface. Findings: 1. Ingestion points: git log output processed in SKILL.md; 2. Boundary markers: Absent; 3. Capability inventory: Bash, Edit, and Grep tools; 4. Sanitization: No explicit validation of commit message content. This surface is inherent to the tool's intended purpose of summarizing project history.
- [DATA_EXFILTRATION]: There are no network operations or attempts to access sensitive system files or environment variables. All operations are confined to standard project documentation files.
Audit Metadata