Skills
skills/notysoty/openagentskills/Changelog Curator/Gen Agent Trust Hub

Changelog Curator

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it requires the agent to parse and categorize untrusted data from external sources.
  • Ingestion points: The skill ingests raw git log output, pull request titles, and existing CHANGELOG.md file content (SKILL.md).
  • Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore embedded instructions within the git log or PR data.
  • Capability inventory: The agent has file-system write capabilities to update or create the CHANGELOG.md file.
  • Sanitization: Absent. The instructions do not specify any validation or sanitization of the input strings before they are processed and written to the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:57 AM
Security Audit — agent-trust-hub — Changelog Curator