skills/phuryn/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the subprocess module to interact with the system environment and the platform's command-line interface.
  • scripts/improve_description.py and scripts/run_eval.py execute the claude CLI to perform sub-agent evaluations and test skill triggering. This is a documented interaction pattern for this platform.
  • eval-viewer/generate_review.py uses the lsof utility to detect and manage conflicts on local network ports.
  • [EXTERNAL_DOWNLOADS]: The evaluation viewer UI references an external JavaScript library for data processing.
  • eval-viewer/viewer.html loads the xlsx library from cdn.sheetjs.com. This is a well-known service providing common utility libraries.
  • [DATA_EXFILTRATION]: The skill starts a local HTTP server to provide a user interface for reviewing test results.
  • eval-viewer/generate_review.py runs an HTTP server on 127.0.0.1 (default port 3117). This activity is confined to the local loopback interface and is intended for user interaction with the benchmark data.
  • [PROMPT_INJECTION]: The skill ingests user-provided prompts and feedback to refine agent instructions.
  • While files like evals.json and feedback.json create a surface for indirect prompt injection in the evaluation loop, this is a necessary part of the skill's primary function as a developer tool. The risk is mitigated by the iterative, human-in-the-loop design of the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 11:49 AM
Security Audit — agent-trust-hub — skill-creator