create-harness

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the create-agent-harness package from the npm registry using npx. This is a standard and expected operation for project scaffolding utilities. Note that npx without a version specifier runs whatever the registry currently serves under the package's latest tag, so pinning a version (npx create-agent-harness@<version>) narrows the supply-chain exposure.
  • [COMMAND_EXECUTION]: Executes system commands to create and manage the generated harness project.
  • Orchestrates project creation via npx create-agent-harness.
  • Instructs the agent to use the standard npm lifecycle commands (npm install, npm test, npm publish).
  • Follows a security best practice by requiring a witness.json provenance manifest, signed with Ed25519, to verify the integrity of the generated code.
  • [PROMPT_INJECTION]: Identified an indirect prompt injection surface: user-provided inputs are interpolated into a shell command.
  • Ingestion points: the user-supplied harness name and description, as described in SKILL.md.
  • Boundary markers: none are defined to separate user input from the shell command it is interpolated into.
  • Capability inventory: the skill can execute arbitrary commands through the package manager (npx, npm), which is what makes unescaped interpolation of the name or description consequential.
  • Sanitization: SKILL.md describes no validation or sanitization of the harness name or description before they are passed to the shell.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 05:56 AM
Security Audit — agent-trust-hub — create-harness