cc-changelog
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts using
bash scripts/fetch-cc-changelog.shas defined inSKILL.mdand utilizesgrep -rfor recursive searches in the file system as described inreferences/analysis-rules.md. - [EXTERNAL_DOWNLOADS]: The skill is designed to fetch external data (the Claude Code changelog) via a script, although the specific URL is not explicitly defined in the provided instruction files.
- [PROMPT_INJECTION]: The skill processes untrusted external data which creates a surface for indirect prompt injection. 1. Ingestion points: External content is ingested from the output of
scripts/fetch-cc-changelog.shmentioned inSKILL.md. 2. Boundary markers: Absent;SKILL.mddoes not specify delimiters to isolate fetched content. 3. Capability inventory: Shell script execution inSKILL.mdand file system searching inreferences/analysis-rules.md. 4. Sanitization: Absent; the skill does not implement validation or filtering of the fetched changelog entries before they are analyzed by the agent.
Audit Metadata