skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the shell interpreter to execute internal Python scripts for lifecycle management, including initialization (init_skill.py), validation (quick_validate.py), and packaging (package_skill.py). These scripts perform localized filesystem operations such as directory creation and zipping files.
- [COMMAND_EXECUTION]: The workflow includes instructions for the agent to generate and test Python scripts in the local environment, executing them via the shell interpreter to verify functionality.
- [PROMPT_INJECTION]: The skill's role as a template generator creates an indirect prompt injection surface through the ingestion of user-provided requirements.
  - Ingestion points: User-provided descriptions and examples are ingested in Step 1 and Step 2 of the workflow outlined in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instruction-guarding markers used to separate user-supplied content when it is interpolated into generated skill components.
  - Capability inventory: The tool has access to file system writes and command execution via shell tools.
  - Sanitization: Metadata format and length are validated by the package scripts, but the logic of generated Python scripts is not subjected to automated security sanitization.