utility-pm-skill-builder

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs local file system operations, including directory creation and file copying from a staging area to production paths. It also executes local bash scripts (scripts/lint-skills-frontmatter.sh, scripts/validate-agents-md.sh, and scripts/validate-commands.sh) to ensure generated content meets repository standards. These actions are well-defined within the scope of a repository management utility.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests user-provided ideas and interpolates them into generated instructions.
  • Ingestion points: User-provided skill idea or description in SKILL.md (Step 1).
  • Boundary markers: None explicitly defined in the generation logic to separate user-provided content from system instructions.
  • Capability inventory: The skill has the ability to write files and execute local validation scripts via the shell.
  • Sanitization: No explicit sanitization or validation of the user-provided idea is performed before it is written to the draft skill files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:10 PM
Security Audit — agent-trust-hub — utility-pm-skill-builder