skill-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill contains utility scripts and markdown documentation for skill development workflows. No malicious behaviors were found.
- [COMMAND_EXECUTION] (SAFE): The Python scripts
package_skill.pyandquick_validate.pyperform standard file system operations such as reading directory contents, validating YAML frontmatter, and creating a ZIP archive. These operations are restricted to the local file system and align with the scripts' stated purposes without invoking arbitrary shell commands. - [DATA_EXFILTRATION] (SAFE): No network activity, hardcoded credentials, or attempts to access sensitive system files (e.g., ~/.ssh or .env files) were detected.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill does not download external packages or execute remote code at runtime.
- [PROMPT_INJECTION] (SAFE): The documentation files
output-patterns.mdandworkflows.mdcontain helpful structural templates and examples. They do not contain instructions designed to bypass agent safety filters or override system prompts.
Audit Metadata