Gen Release Notes
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward release-notes helper that reads git history and updates CHANGELOG.md without hidden installation, persistence, or unrelated access.
Install if you want an agent workflow for changelog generation. Before running it, provide the intended previous tag and review the generated CHANGELOG.md diff, especially because the skill is designed to edit that file and may use gh to query merged pull requests.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.