skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes Python utility scripts (scripts/init_skill.py, scripts/package_skill.py) that perform local file system operations such as directory creation, template writing, and zip archiving. These are standard developer tools and do not involve unauthorized execution. The workflow instructions also suggest running a local test command (opencode run "test") to validate configurations.
  • [EXTERNAL_DOWNLOADS]: The permissions-update.md file contains a reference to a GitHub release URL for the anomalyco/opencode repository. This URL is used as a documentation reference for schema validation and does not trigger automatic downloads or execution of external code.
  • [PROMPT_INJECTION]: The skill utilizes variable placeholders such as $ARGUMENTS and $1 within its workflow templates (create-pack.md, refactor-rfc-xml.md) to integrate user input into agent instructions. While this creates an indirect prompt injection surface, the skill implements structural boundary markers using XML-like tags and provides explicit constraints to prevent the agent from leaking structural keywords or adopting an unnatural communication style.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 11:04 AM