create-skill

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill guides the agent to use standard shell commands such as mkdir, cp, ls, and git for managing skill directory structures and versioning. These operations are limited to the skill's local environment (${PAI_DIR}) and are necessary for the skill's core function.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation and templates reference the official Anthropic skills repository (github.com/anthropics/skills) as a trusted source for examples and technical standards. These references are documented neutrally and point to a well-known, trusted organization.
  • [SAFE]: The skill implements security-positive design principles, such as progressive context disclosure (separating quick-reference SKILL.md from comprehensive CLAUDE.md) and explicit activation triggers. No evidence of prompt injection, data exfiltration, or obfuscated malicious content was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 02:51 AM
Security Audit — agent-trust-hub — create-skill