changelog-generator
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious instructions or hidden patterns were found. The skill is limited to natural language processing of commit history and lacks any malicious logic.
- [NO_CODE]: The skill consists entirely of markdown instructions without any associated scripts or executable files, posing no direct execution risk.
- [PROMPT_INJECTION]: The skill is a surface for indirect prompt injection as it processes external commit messages which could contain instructions. 1. Ingestion points: git commit history and CHANGELOG_STYLE.md file. 2. Boundary markers: Absent. 3. Capability inventory: Skill requires the ability to read git logs and write to local files (CHANGELOG.md). 4. Sanitization: Absent.
Audit Metadata