app-store-changelog

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script scripts/collect_release_changes.sh to gather git history and metadata.
  • Evidence: The 'Workflow' section instructions the agent to run the script from the repository root.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from git commit messages.
  • Ingestion points: Git commit messages and file lists gathered in SKILL.md via the collection script.
  • Boundary markers: Absent; the skill does not specify delimiters to separate commit messages from instructions.
  • Capability inventory: Local command execution via shell scripts.
  • Sanitization: Absent; the skill does not describe any filtering or sanitization of commit messages before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 04:03 AM
Security Audit — agent-trust-hub — app-store-changelog