skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python and TypeScript scripts (
init_skill.py,init_skill.ts) that automate the creation of directory structures and files on the local file system. - [COMMAND_EXECUTION]: Initialization scripts use
chmod +xto ensure that generated example scripts in thescripts/directory are executable by the user. - [EXTERNAL_DOWNLOADS]: The
init_skill.tsscript usesnpxto executetsx, which may involve downloading thetsxpackage from the official npm registry if it is not present in the local environment. - [PROMPT_INJECTION]: The skill processes user-provided inputs (descriptions and workflow examples) to generate content for new skills, creating an indirect prompt injection surface.
- Ingestion points: User input provided during the skill planning and editing steps described in SKILL.md.
- Boundary markers: Validation scripts check for specific characters (e.g., angle brackets) in descriptions to provide a basic layer of separation.
- Capability inventory: The skill can create directories and write files to the local system via its initialization scripts.
- Sanitization: Basic validation of the skill name (hyphen-case) and description (no angle brackets) is implemented in the quick_validate scripts.
Audit Metadata