agent-creator
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (
scripts/init_agent.pyandscripts/validate_agent.py) that perform local file system operations. These scripts facilitate creating directories and writing markdown files to.claude/agents/or~/.claude/agents/, which is the standard behavior for managing Claude Code subagents. - [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection (Category 8) because the
init_agent.pyscript interpolates user-provided text (description and body) into a template for a system prompt. However, this is the intended primary purpose of the skill (generating agent definitions) and is constrained to the user's local environment. - [CREDENTIALS_UNSAFE]: No hardcoded secrets or attempts to harvest environment variables/credential files were found in any of the scripts or instruction files.
Audit Metadata