Skills
skills/bamzc/claude-skills-frontend/skill-creator/Gen Agent Trust Hub

skill-creator

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: CRITICAL
Full Analysis
  • [SAFE]: The skill acts as a developer utility for creating and managing AI agent skills. The documentation and scripts are focused on legitimate structural and validation tasks for skill development.
  • [COMMAND_EXECUTION]: The scripts init_skill.py, package_skill.py, and quick_validate.py perform local file system operations, including directory creation, file writing, and ZIP packaging. These operations are essential to the skill's purpose and do not involve unauthorized command execution or unsafe shell spawning.
  • [PROMPT_INJECTION]: The content within SKILL.md and the reference files consists of best practices and design patterns. No malicious instructions, bypass attempts, or role-play injections are present.
  • [DATA_EXFILTRATION]: No network calls or sensitive data access patterns were identified. The automated scanner's alert for product.md is a false positive; the string appears only as a file name within a structural example in the markdown documentation, not as a malicious URL.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform external downloads. It relies on standard Python libraries and the PyYAML package for parsing configuration.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 26, 2026, 08:41 AM