skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script "scripts/run_eval.py" executes the "claude" command-line interface via the Python "subprocess" module to test skill triggering. It dynamically creates and deletes command files in the ".claude/commands/" directory to facilitate these tests.
- [COMMAND_EXECUTION]: The script "eval-viewer/generate_review.py" executes system commands like "lsof" and "kill" to manage local network ports when starting the evaluation viewer server.
- [EXTERNAL_DOWNLOADS]: The skill uses the official "anthropic" Python package to communicate with Anthropic's API for the purpose of iteratively improving skill descriptions.
- [EXTERNAL_DOWNLOADS]: The evaluation viewer template "eval-viewer/viewer.html" loads the SheetJS spreadsheet library from the well-known "cdn.sheetjs.com" content delivery network.
- [SAFE]: The skill implements a structured three-level loading system and includes extensive documentation promoting secure development practices, specifically advising against the creation of malicious or misleading skills.
Audit Metadata