Skills
skills/mdhb2/aix-skillpack/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The orchestration scripts run_eval.py, improve_description.py, and run_loop.py utilize the subprocess module to call the claude CLI. This mechanism is essential for running the automated evaluation and description optimization loops.
  • [COMMAND_EXECUTION]: The generate_review.py script executes the lsof command via subprocess to identify and clear the local network port (defaulting to 3117) before starting its web server, ensuring the visualization tool can launch successfully.
  • [SAFE]: The skill hosts a local evaluation viewer by starting an HTTP server on the loopback address (127.0.0.1). This tool provides a qualitative review interface by embedding test outputs—including text, images, spreadsheets, and PDFs—from the local workspace into a standalone HTML page.
  • [SAFE]: The package_skill.py utility allows users to bundle their completed skill folders into .skill archives. This script includes a validation process that checks for correct frontmatter, naming conventions, and required fields according to the skill schema.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 01:22 AM
Security Audit — agent-trust-hub — skill-creator