Skills
skills/isomoes/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Python subprocess module to interact with the system's Claude CLI and to manage the local execution of its own utility scripts. This is used for core functionality such as running evaluations, optimizing skill descriptions, and managing the local web viewer.
  • [EXTERNAL_DOWNLOADS]: The evaluation viewer (viewer.html) includes a reference to a well-known third-party library, xlsx.full.min.js from cdn.sheetjs.com (SheetJS), which is used to render spreadsheet files for human review within the local browser.
  • [DATA_EXFILTRATION]: The generate_review.py script starts a local HTTP server bound to 127.0.0.1 to serve the evaluation results. This is a standard developer tool pattern designed to facilitate human review of test outputs on the local machine and does not transmit data to external servers.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 02:41 PM
Security Audit — agent-trust-hub — skill-creator