Roadmap Communicator

Use when preparing roadmap narratives, release notes, changelogs, or stakeholder updates tailored for executives, engineering teams, and customers.

This skill appears coherent and limited in scope, but exercise normal caution before enabling code from an unknown author: 1) The included script reads your git commit messages — those can contain sensitive info, so review the output before sharing externally. 2) Inspect scripts locally (you can read scripts/changelog_generator.py, which is small and clear) and run them in a trusted environment. 3) Ensure git and python3 are present and that you run the script in the intended repository or with --stdin/--demo to avoid exposing unrelated commit history. If you need provenance, ask the publisher for a homepage or source repository before broad deployment.

Type: OpenClaw Skill Name: roadmap-communicator Version: 2.1.1 thought The user wants me to analyze an OpenClaw AgentSkills skill bundle (ZIP content provided as text). I need to classify it as `benign`, `suspicious`, or `malicious` based on specific criteria: - Data exfiltration - Malicious execution - Persistence/backdoors - Prompt injection against the agent - Obfuscation - Supply chain issues I must distinguish between vulnerabilities (suspicious) and intentional malice (malicious). Files provided: 1. `_meta.json`: Metadata about the skill. 2. `SKILL.md`: Instructions for the AI agent. 3. `scripts/changelog_generator.py`: A Python script to generate changelogs from git. 4. `references/communication-templates.md`: Markdown templates for communication. 5. `references/roadmap-templates.md`: Markdown templates for roadmaps. - `ownerId`, `slug` ("roadmap-communicator"), `version` ("2.1.1"), `publishedAt`. - Looks standard. - Describes the skill: preparing roadmap narratives, release notes, etc. - Provides guidance on roadmap formats and stakeholder updates. - Mentions a script: `python3 scripts/changelog_generator.py --from v1.0.0 --to HEAD`. - Includes a quality checklist. - No obvious prompt injection or instructions to exfiltrate data or perform unauthorized actions. - Purpose: Generate changelog sections from git log or piped input. - `SECTIONS`: Standard conventional commit types. - `DEMO_COMMITS`: Hardcoded sample data. - `get_git_log` function: - Uses `shutil.which("git")` to check for git. - Uses `subprocess.run(["git", "log", "--pretty=format:%s", commit_range], ...)` to get commit messages. - `commit_range` is constructed from `args.from_ref` and `args.to_ref`. - **Vulnerability Check**: `commit_range = f"{from_ref}..{to_ref}"`. If `from_ref` or `to_ref` contains shell metacharacters, could there be an injection? - `subprocess.run` is called with a list: `["git", "log", "--pretty=format:%s", commit_range]`. Since it's a list and `shell=True` is NOT set, shell injection via the arguments is generally mitigated by the OS/Python's handling of the argument list. However, `git` itself might interpret certain flags if the input starts with `-`. - The script uses `argparse` which helps define expected inputs. - `read_stdin`, `group_commits`, `render_markdown`, `render_text`: Standard logic for processing strings. - No network calls, no file writing (only printing to stdout), no reading of sensitive files (only git log). - Standard templates for emails and release notes. - No executable code or suspicious instructions. - Standard templates for roadmaps. - No executable code or suspicious instructions. - The skill is a tool for product managers/engineers to generate roadmap and changelog artifacts. - The Python script is a utility for parsing git logs. - The use of `subprocess.run` with a list is safe against shell injection. - There is no evidence of data exfiltration, persistence, or malicious intent. - The instructions in `SKILL.md` are aligned with the stated purpose. Classification: `benign`. ```json { "classification": "benign", "summary": "The roadmap-communicator skill is a legitimate tool for generating product management artifacts like roadmaps and changelogs. The included Python script (scripts/changelog_generator.py) safely uses subprocess.run with an argument list to interface with git, and the SKILL.md instructions are strictly aligned with the stated purpose without any signs of prompt injection or malicious intent." } ```