skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (
scripts/init_skill.py,scripts/package_skill.py) that perform local file system operations, such as creating directories, writing template files, and zipping skill folders. These operations are standard for a project scaffolding and packaging tool. - [PRIVILEGE_ESCALATION]: The
scripts/init_skill.pyscript programmatically modifies file permissions usingchmod(0o755)on a dynamically created example script. This behavior is intended to make the generated template immediately functional for the developer but involves changing execution privileges. - [INDIRECT_PROMPT_INJECTION]: The skill processes user-defined skill names and file paths, presenting a potential surface for indirect injection if inputs are not sanitized.
- Ingestion points: Command-line arguments for skill name and destination path in
scripts/init_skill.py. - Boundary markers: Absent; input strings are directly interpolated into file system paths and SKILL.md templates.
- Capability inventory: Local file system write and directory creation in
scripts/init_skill.py; ZIP archival inscripts/package_skill.py. - Sanitization: Kebab-case regex validation (
^[a-z0-9-]+$) is implemented inscripts/quick_validate.pyto enforce safe naming conventions for the skill directory.
Audit Metadata