skillify
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized operations were detected. The skill is designed for organization and documentation purposes.\n- [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection surfaces because it generates new agent instruction files based on user requests and observed conversation history. The risk is assessed as safe because the skill is limited to writing static Markdown files within the '.agent/skills/' directory and does not provide an execution path for the generated content. Its tool access is correctly restricted to local file operations.\n
- Ingestion points: User instructions and repetitive workflow patterns identified from the agent's context (SKILL.md).\n
- Boundary markers: The generated skill template provides structure but does not include explicit instructions to ignore embedded malicious prompts within the newly created skills.\n
- Capability inventory: Tool usage is restricted to 'Read', 'Write', 'Glob', and 'Grep' for file management (SKILL.md).\n
- Sanitization: No explicit sanitization of the content is performed before it is written to the new documentation files.\n- [NO_CODE]: The skill contains only instructional documentation and templates; no executable scripts or external binaries are included.
Audit Metadata