skill-card-generator

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is authored by a trusted organization and follows robust security practices, including automated redaction of sensitive API keys, tokens, and credentials from discovered assets.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the standard jinja2 Python library for its rendering process. This is a well-known, legitimate dependency.
  • [COMMAND_EXECUTION]: The script scripts/discover_assets.py uses subprocess.run to execute local git commands for retrieving repository information like commit SHAs and tags. These calls are implemented securely using the list-argument format and are confined to the local filesystem.
  • [PROMPT_INJECTION]: The skill acts as an analysis tool that reads external file contents from a target directory, creating a surface for potential indirect prompt injection.
  • Ingestion points: scripts/discover_assets.py reads data from files in a user-specified directory.
  • Boundary markers: The script wraps discovered signals in markdown headers and code blocks to separate file contents.
  • Capability inventory: The skill has permissions for local file operations and shell execution of its own scripts.
  • Sanitization: The script includes comprehensive logic to detect and mask API keys and passwords before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:11 PM
Security Audit — agent-trust-hub — skill-card-generator