skill-share
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest user-provided strings to generate file structures and metadata, creating a potential injection surface.
- Ingestion points: User-provided skill name and description used in file and directory creation (SKILL.md).
- Boundary markers: None identified in the manifest to delimit user input from system-generated metadata.
- Capability inventory: Includes file system operations (creating directories and files), packaging (zip creation), and network operations (Slack integration).
- Sanitization: No sanitization or validation logic is described for the user-provided inputs used in file generation.
- [No Code] (SAFE): No executable scripts (Python, JavaScript, or Shell) were provided for analysis in this skill package.
Audit Metadata