skills/remix-run/remix/make-changes/Gen Agent Trust Hub

make-changes

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as pnpm changes:preview and linting scripts to validate changelog entries. These commands are repository-specific and used to verify the output of the skill's primary task.
  • [PROMPT_INJECTION]: The skill processes data from PR diffs and commit ranges, creating an indirect prompt injection surface.
    • Ingestion points: Untrusted data from PR diffs and commit ranges are ingested in workflow step 1.
    • Boundary markers: Absent; no delimiters or 'ignore' instructions are specified for the ingested content.
    • Capability inventory: The agent can write to the filesystem (packages/*/.changes/) and execute shell commands via pnpm.
    • Sanitization: Absent; no validation or escaping of external content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 06:19 PM
Security Audit — agent-trust-hub — make-changes