tgw-mcn-creator-profile
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/render_mcn_asset.pyto create file skeletons. This is a controlled execution of the skill's own code. - [DATA_EXPOSURE]: The skill instructions and reference files (
references/privacy-boundary.md,references/creator-fields.md) establish a strict 'Internal' vs 'Brand Safe' boundary. It explicitly instructs the agent to keep sensitive information like private contacts, bottom prices, and negative notes in internal-only fields to prevent accidental exposure. - [DYNAMIC_EXECUTION]: The
render_mcn_asset.pyscript generates Markdown files from user input. It includes ayaml_scalarfunction that usesjson.dumpsto properly escape strings, effectively preventing YAML injection or formatting breakage when writing extracted data to file headers. - [SAFE]: The script implements security best practices, including checking that the output directory is not inside the skill's own package and using atomic file writes with temporary files to ensure data integrity.
Audit Metadata