agent-creator
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides several bash script templates (e.g.,
validate-solid.sh,track-skill-read.sh) and instructs the agent to apply execution permissions usingchmod +x. - [COMMAND_EXECUTION]: Instructions in
SKILL.mdguide the agent to use shell utilities likesedfor automated file editing andbashfor executing validation logic. - [COMMAND_EXECUTION]: The documentation defines a hook system (
PreToolUseandPostToolUse) that executes local shell scripts to enforce SOLID principles and track skill consultation. - [PROMPT_INJECTION]: The skill utilizes a templating system for agent creation which represents a surface for indirect prompt injection via user-supplied variables.
- Ingestion points: Variables in
references/templates/agent-template.mdsuch as<agent-name>,<technology>, and<features>. - Boundary markers: No specific delimiters or instructions are provided in the templates to isolate user-provided metadata from the agent's core instructions.
- Capability inventory: The resulting agents are designed to use powerful tools including
Write,Edit,Bash, and web-search capabilities viamcp__exa__web_search_exa(file:references/templates/agent-template.md). - Sanitization: The skill does not describe any sanitization or validation steps for the values interpolated into the agent templates.
Audit Metadata