skill-create
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and associated scripts do not contain malicious patterns, prompt injections, or data exfiltration attempts.
- [COMMAND_EXECUTION]: The provided Node.js script (
scripts/validate-skills.cjs) is a local maintenance tool that scans and updates SKILL.md files. It uses standard file system APIs for legitimate project organization and does not execute arbitrary or remote code. - [DATA_EXFILTRATION]: While the validation script reads local skill files to parse frontmatter, it does not include network capabilities or any logic to target sensitive credentials or system files.
Audit Metadata