skill-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution] (LOW): The skill suggests executing the
skills-refcommand for validation. This is a targeted, task-specific execution pattern.\n- [External Downloads] (LOW): The README instructions reference an external repository (bntvllnt/agent-skills) for installation vianpx. This is an untrusted source according to the policy but is a standard installation method for such tools.\n- [Indirect Prompt Injection] (LOW): Processing existing skill files introduces a vulnerability surface where attacker-controlled text in those files could influence the agent.\n - Ingestion points: Scans and reads
SKILL.mdfiles and repository structures during update and validation workflows (SKILL.md, references/validation.md).\n - Boundary markers: Absent; the skill does not wrap file content in delimiters or provide ignore-instruction warnings.\n
- Capability inventory: File system writes, directory creation, and execution of validation tools (SKILL.md).\n
- Sanitization: Absent; the skill relies on the agent's internal safety filters.
Audit Metadata