skills-il-skill-creator
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a developer utility for scaffolding and documenting new AI agent skills. Its operations are transparent and consistent with its stated purpose.
- [COMMAND_EXECUTION]: Utilizes a local Python script (scripts/scaffold-skill.py) to create directories and write template files based on user-provided metadata. The script uses only Python standard libraries and includes input validation to prevent path traversal.
- [DATA_EXFILTRATION]: Prompts the user for a name and email address, which is used for skill attribution and notification upon publication. This data collection is explicitly disclosed as part of the submission process and is not handled covertly.
- [EXTERNAL_DOWNLOADS]: Recommends using curl in a shell loop to verify the availability of URLs included in the skill's documentation to prevent broken links in published content.
Audit Metadata