skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill comprises benign developer utilities and documentation.
- REMOTE_CODE_EXECUTION (SAFE): The validation script uses `yaml.safe_load()` to parse frontmatter, which is the recommended secure method to prevent execution of arbitrary code during deserialization.
- PROMPT_INJECTION (SAFE): The reference documentation includes template patterns and examples for output consistency that do not attempt to override agent safety filters or system instructions.
- DATA_EXFILTRATION (SAFE): The packaging script performs local file reads and ZIP creation without network activity or unauthorized access to sensitive system paths.
Audit Metadata