skill-system-creator
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines automated operations to execute included Python scripts (scripts/init_skill.py and scripts/package_skill.py) for managing the skill development process.
- [SAFE]: The skill incorporates security best practices, such as using yaml.safe_load() for parsing configuration and strictly validating user-provided skill names against a safe regex pattern (^[a-z0-9-]+$).
- [PROMPT_INJECTION]: The skill manages potential indirect injection surfaces (skill metadata) through the following controls:
  - Ingestion points: User-provided skill names and descriptions.
  - Boundary markers: Standard YAML frontmatter delimiters (---).
  - Capability inventory: Filesystem read/write and subprocess execution (proc.exec) limited to the skill's own scripts.
  - Sanitization: Enforced regex validation for names and length constraints for descriptions in quick_validate.py.
Audit Metadata