skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill guides users through a conversational workflow to generate markdown content for new skills. It performs file-write operations to a dedicated local directory (~/.claude/custom/skills/) which is standard behavior for its stated purpose of creating persistent configuration files.
- [SAFE]: No patterns of prompt injection, obfuscation, or credential theft were identified in the instructions or metadata.
- [SAFE]: The external URL referenced in the metadata (github.com/AJBcoding/claude-skill-eval) is documented as a source of inspiration and is not used for automated downloads or remote code execution.
- [SAFE]: While the skill takes user input to generate file content (a surface for Indirect Prompt Injection), it does not execute this content immediately or interpolate it into high-privilege commands, remaining within acceptable safety parameters for a configuration utility.
Audit Metadata