skill-creator
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python utilities (`scripts/init_skill.py`, `scripts/package_skill.py`) that manage the skill development lifecycle. These scripts perform routine file operations such as directory creation, writing template files, and zipping skill folders for distribution. These actions are appropriate for a developer utility and do not involve unauthorized shell execution or system-level changes.
- [PROMPT_INJECTION]: The skill facilitates the generation of new skill files based on user-provided descriptions and examples, which constitutes an indirect prompt injection surface.
  - Ingestion points: User input gathered in the initial planning steps is used to define the functionality and content of the generated skill.
  - Boundary markers: The skill does not currently provide delimiters or instructions in its templates to prevent the agent from obeying instructions embedded in the user-provided data.
  - Capability inventory: The skill uses bundled scripts to create and modify files on the local filesystem.
  - Sanitization: Basic validation is performed by `scripts/quick_validate.py`, which checks metadata formats and restricts specific characters like angle brackets in descriptions.
- [SAFE]: No evidence was found of sensitive data access (e.g., credentials or private keys), network exfiltration, or obfuscated payloads. The skill follows best practices for modular agent design and serves a legitimate instructional and developmental purpose.
Audit Metadata