App Store Changelog

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward release-note helper that reads local git history and shows no hidden network, credential, persistence, or destructive behavior.

Use this skill when you are comfortable letting the agent read the selected repository's commit history and touched file names. Run it from the intended repo, provide a starting tag/ref to avoid full-history output when needed, and make sure bash, git, and sed are available.

VirusTotal

66/66 vendors reported this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI05: Unexpected Code Execution
Low
What this means

Running the skill executes a local helper command that reads the selected repository's git history and file list.

Why it was flagged

The skill instructs the agent/user to run a local shell script. This is expected for collecting git history and the script is included, short, and purpose-aligned.

Skill content
Run `scripts/collect_release_changes.sh` from the repo root to gather commits and touched files.
Recommendation

Run it only from the intended repository and review the included script if you want to confirm the exact git commands before use.

ASI06: Memory and Context Poisoning
Low
What this means

Commit messages and file paths from the selected git range may be visible to the agent while it drafts release notes.

Why it was flagged

The helper retrieves commit hashes, dates, subjects, and touched file names for the agent to summarize. This is central to the skill, but repository history can contain internal project information.

Skill content
git log --reverse --date=short --pretty=format:'%h|%ad|%s' ${range}
Recommendation

Use a specific starting tag/ref when possible, and avoid running it on repositories whose commit history or file names should not be shared with the agent.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

The skill may fail or behave unexpectedly on systems without these local tools even though the registry does not list them as requirements.

Why it was flagged

The included helper depends on bash, git, and sed, while the registry requirements declare no required binaries. This is an under-declared local dependency issue, not hidden behavior.

Skill content
#!/usr/bin/env bash
...
git describe --tags --abbrev=0
...
git log --reverse --name-only --pretty=format:'--- %h %s' ${range} | sed '/^$/d'
Recommendation

Ensure bash, git, and sed are available before using the skill; maintainers should declare these required binaries in metadata.