skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a meta-tool for skill development. It contains documentation and utility scripts that follow established development patterns.
- [COMMAND_EXECUTION]: The Python scripts
init_skill.pyandpackage_skill.pyperform file system operations such as directory creation, file writing, and zip archiving. These actions are limited to local paths provided by the user during the tool's invocation and are consistent with the skill's purpose as a project generator. - [EXTERNAL_DOWNLOADS]: The skill uses the standard
PyYAMLlibrary for metadata parsing. There are no indications of unauthorized remote connections, external script fetching, or downloads from untrusted sources. - [REMOTE_CODE_EXECUTION]: Analysis of the Python scripts confirms the absence of dangerous functions like
eval()orexec(). The scripts useyaml.safe_load()for configuration parsing, which is the recommended practice for preventing arbitrary code execution during deserialization.
Audit Metadata