skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or network communication protocols were detected. File operations are confined to the user-provided directory.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The scripts rely exclusively on the Python standard library (pathlib, zipfile, sys, os, re). No external packages are required, and no remote script execution patterns were found.
- [Dynamic Execution] (SAFE): The codebase does not use any dynamic execution sinks such as eval(), exec(), or unsafe deserialization (pickle). All logic is statically defined.
- [Command Execution] (SAFE): No subprocess calls, shell invocations, or system-level command executions are present in the code.
- [Obfuscation] (SAFE): The scripts are written in cleartext with no encoded strings, zero-width characters, or homoglyph-based evasion techniques.
Audit Metadata