Forge
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell and Python scripts for local file management and packaging tasks. These scripts are used for directory creation, template generation, and archiving (zip), which are consistent with the skill's primary purpose as a creation toolkit.
- [DATA_EXPOSURE]: Analysis of the scripts and instructions shows no attempts to access sensitive system files, hardcoded credentials, or unauthorized data exfiltration mechanisms.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute code from external URLs. All scripts are local to the skill package and perform standard development operations.
- [PROMPT_INJECTION]: No patterns of instruction override, safety filter bypass, or system prompt extraction were found in the skill body or metadata.
- [DYNAMIC_EXECUTION]: The skill generates script templates based on user input for new skills. This is the intended functionality of an initialization tool and does not present a risk within the context of the agent's development environment.
Audit Metadata