skill-maker
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation and template package designed to assist in skill development. It does not contain any automated execution of dangerous commands or hidden logic.
- [SAFE]: The skill explicitly instructs on secure credential handling in the
references/api-skill-patterns.mdfile, advising developers to use shell substitution (e.g.,curl -u "$(cat path/.token)") to ensure secrets never enter the LLM context where they could be logged or leaked. - [SAFE]: The "Audit Workflow" involves reading and modifying local files related to other skills. This behavior is the primary intended purpose of the skill and is triggered by specific user requests to "audit" or "fix" a skill, with modifications described as "surgical" and intended for review.
- [SAFE]: Documentation references to external tools like
uv,pipx,beautifulsoup4, andrequestsare provided as educational examples for script development and do not represent unauthorized dependency installations by the skill itself.
Audit Metadata