fusion-skill-authoring
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a scaffolding utility that follows security best practices. It explicitly prohibits the use of hardcoded credentials, remote code execution (e.g., download-and-run patterns), and destructive commands without user confirmation.
- [PROMPT_INJECTION]: The skill functions as a code generator that ingests user-provided descriptions to scaffold new skills, which represents a surface for indirect prompt injection.
  - Ingestion points: User-provided workflow requirements and activation cues in SKILL.md (Step 2).
  - Boundary markers: The templates provided in references/skill-template-baseline.md do not currently specify the use of delimiters or escaping for user input.
  - Capability inventory: The agent uses file-writing capabilities to create and update the skills/ directory.
  - Sanitization: The skill enforces metadata constraints (regex, length) but does not include specific sanitization for user-provided instructions.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and specifications from well-known technology platforms such as Anthropic (Claude), GitHub, and Google (Gemini) for developer guidance.
- [COMMAND_EXECUTION]: The workflow includes running local repository validation commands (e.g., schema validation, linting) to ensure the integrity of the authored skills.
Audit Metadata