conventional-changelog
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation guide intended for developers to improve their release and versioning workflows. It contains no executable scripts or malicious logic.
- [EXTERNAL_DOWNLOADS]: Mentions several standard development tools (git-cliff, conventional-changelog-cli, commitlint) and provides installation instructions via official package registries like NPM and Cargo.
- [EXTERNAL_DOWNLOADS]: References the official 'release-please-action' from the Google/googleapis GitHub organization, which is a trusted source for automated releases.
- [COMMAND_EXECUTION]: Includes standard shell commands for installing software packages, managing git tags, and running CLI tools locally. These commands are descriptive and intended for manual user execution in a development environment.
- [REMOTE_CODE_EXECUTION]: No suspicious remote script execution patterns (e.g.,
curl | bash) were identified. External URLs point to official schemas and documentation.
Audit Metadata