create-expert-skill
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill includes a Python script (
package_skill.py) designed to automate the zipping of skill folders and the creation of a directory structure file. This involves local read/write/zip operations but uses only Python standard libraries and does not accept unvalidated remote input for execution. - [EXTERNAL_DOWNLOADS] (SAFE): The skill is self-contained and does not perform any remote script fetching or external package installations.
- [DATA_EXFILTRATION] (SAFE): No network-capable code, hardcoded API keys, or attempts to access sensitive system paths were found.
- [PROMPT_INJECTION] (SAFE): The instructional content is focused on the intended goal of skill creation and does not attempt to override agent safety protocols or bypass constraints.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is a generator for other skills, creating an attack surface. Evidence: 1. Ingestion points: User-provided 'expert conversations' and documentation. 2. Boundary markers: Absent; no explicit delimiters used during generation. 3. Capability inventory: Local file operations and zipping via
package_skill.py. 4. Sanitization: Absent; input is distilled directly into generated SKILL.md and scripts.
Audit Metadata