skill-builder
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local scripts and CLI tools as part of its core functionality, including
skill-auditor,converter,heal-skill, and theaotool. These operations are restricted to the local environment and are necessary for the skill's purpose of building and auditing other skills. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface when processing external skill files or using the
from-patternmode. - Ingestion points:
scripts/init.sh(via the--absorbflag) andscripts/build.sh(via thefrom-patternmode). - Boundary markers: Currently, the skill does not wrap processed content in explicit security boundary markers.
- Capability inventory: The skill can create files and execute local validation scripts.
- Sanitization: Basic validation is performed on skill names to ensure they follow a lowercase-hyphen slug format.
- [EXTERNAL_DOWNLOADS]: The documentation references absorbing content from official repositories associated with Anthropics. These references are treated as trusted sources for development templates and do not represent a security risk.
Audit Metadata