skill-creator
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Python's
subprocessmodule to manage evaluation runs.scripts/run_eval.pyinvokes theclaudeCLI for running test cases, andeval-viewer/generate_review.pycalls thelsofutility to manage local server ports. These operations are restricted to the local environment and are essential for the tool's core functionality. - [EXTERNAL_DOWNLOADS]: The review UI template (
eval-viewer/viewer.html) loads the SheetJS library fromcdn.sheetjs.com. This well-known service is used to render spreadsheet data within the local browser interface for manual result review. - [SAFE]: No malicious obfuscation, credential exfiltration, or unauthorized persistence mechanisms were detected. The skill's behavior is consistent with its stated purpose as a meta-development tool for the AI platform.
Audit Metadata