Back to skill

Security audit

Changelog Generator

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local changelog generator; its git-reading and optional file-writing behavior matches what it says it does.

Install if you are comfortable letting the skill run local git commands on repositories you choose. Treat commit history as potentially private, review generated output before sharing it, and use -o/--output only with an intended path because existing files may be overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill advertises and instructs use of shell execution (`python3 ...`) and file output (`-o CHANGELOG.md`) but does not declare corresponding permissions. That mismatch can cause the agent to invoke shell commands or write files without explicit user/host awareness, which increases risk even though these capabilities are central to the skill's stated purpose.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The invocation text is broad enough to match common requests like 'summarize git history' or 'prepare release documentation,' making over-triggering more likely. In a skill that can access git data, run local commands, and write files, accidental invocation can expose repository metadata or create/overwrite changelog files when the user did not specifically intend to use this tool.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.