Skills
skills/majiayu000/claude-skill-registry/adb-skill-generator/Gen Agent Trust Hub

adb-skill-generator

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill operates as a code generator that creates new executable Python scripts and TOON workflow files in the local filesystem and suggests execution using the uv tool.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by interpolating user-provided text into the code and documentation of newly generated skills.
  • Ingestion points: Command-line parameters --skill-name and --description used in the adb-skill-generator.py script.
  • Boundary markers: None identified in the documentation to isolate user input from the generated template code.
  • Capability inventory: The skill can write files to the .claude/skills/ directory and execute local scripts via uv.
  • Sanitization: No sanitization or validation of user-provided strings is documented before they are embedded into the generated files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 08:32 AM