skills/dwsy/agent/skillcraft/Gen Agent Trust Hub

skillcraft

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to clone a repository from an external, non-trusted source: https://github.com/shiqichen17/SkillCraft.
  • [REMOTE_CODE_EXECUTION]: The instructions include executing downloaded scripts using bash run.sh and uv run python test_all_tasks.py, which constitutes a download-then-execute pattern from an unverified source.
  • [COMMAND_EXECUTION]: The skill uses shell commands for environment setup and task execution, including git clone, uv sync, and bash.
  • [PROMPT_INJECTION]: The skill processes data from various external APIs (GitLab, TVMaze, etc.), creating a potential surface for indirect injection. Ingestion points: API responses from gitlab-deep-analysis, cat-facts-collector. Boundary markers: Absent. Capability inventory: Shell script and Python execution. Sanitization: Absent.
  • [DATA_EXFILTRATION]: The skill is configured to interact with OpenRouter (openrouter.ai), a well-known service.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 10, 2026, 03:00 PM