skill-creator
Warn
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PRIVILEGE_ESCALATION]: The script scripts/init_skill.py applies executable permissions (chmod 0o755) to dynamically created files like example.py.
- [DYNAMIC_EXECUTION]: The skill programmatically generates executable Python scripts and documentation from internal templates using user-supplied names and paths.
- [INDIRECT_PROMPT_INJECTION]: The skill accepts user-provided skill names and paths that are interpolated into file system operations and templates without sufficient sanitization.
- Ingestion points: Command-line arguments in scripts/init_skill.py and scripts/package_skill.py.
- Boundary markers: Absent in the interpolation of templates and path construction.
- Capability inventory: Directory creation, file writing, permission modification, and ZIP creation.
- Sanitization: Input strings are used in path resolution without validation, allowing potential absolute path injection or traversal via the skill name argument.
Audit Metadata