Skills
skills/vibeeval/vibecosystem/skill-developer/Gen Agent Trust Hub

skill-developer

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the Bash tool for filesystem operations, including creating directories in .claude/skills/, copying files, and listing directory contents.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the creation and runtime execution of Python scripts using the uv run command and the runtime.harness module. It provides templates for scripts that call Model Context Protocol (MCP) tools.
  • [PROMPT_INJECTION]: The skill acts as a meta-tool for generating new agent skills from user input, which presents an indirect prompt injection surface. A user could potentially provide malicious logic or instructions that the agent then formalizes into a persistent skill.
  • Ingestion points: User prompts and scripts supplied for conversion into new skills.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided in the skill generation guidelines.
  • Capability inventory: The skill leverages Bash, Read, Write, and Edit tools to modify the environment and run code.
  • Sanitization: The instructions do not define any sanitization or validation processes for the content of the generated skills.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 09:04 AM
Security Audit — agent-trust-hub — skill-developer