skill-creator
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute internal scripts (
scripts/init_skill.pyandscripts/package_skill.py) to automate skill initialization and validation. These scripts are documented as local utility tools designed to assist the developer. - [PROMPT_INJECTION]: The skill presents an indirect injection surface because its primary function is to ingest user-provided examples and descriptions to generate instructional content for new skills.
- Ingestion points: User examples and queries gathered during the 'Discovery' phase described in 'references/creation-workflow.md'.
- Boundary markers: The workflow for creating new skills does not explicitly require delimiters or specific instructions to ignore embedded commands in the user-provided data.
- Capability inventory: The skill utilizes file system writes and local script execution to fulfill the generation process.
- Sanitization: No specific sanitization or escaping logic for user-provided strings is mentioned before they are incorporated into generated SKILL.md files.
- [SAFE]: The skill demonstrates safe operations by avoiding hardcoded credentials, unauthorized network requests, and sensitive file access. All external links point to the author's verified GitHub repositories.
Audit Metadata