building-agents
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill manages a surface for indirect prompt injection as it facilitates the creation of agent instructions from user-defined requirements.
  * Ingestion points: User requirements for agent purpose and behavior in SKILL.md.
  * Boundary markers: Usage of YAML frontmatter for metadata separation.
  * Capability inventory: Tools provided to agents include Read, Write, Edit, Grep, Glob, and Bash.
  * Sanitization: The scripts/validate-agent.py utility enforces schema compliance, while SKILL.md provides explicit security instructions.
- [SAFE]: No evidence of data exfiltration, credential theft, or malicious code execution was found. The included Python script uses standard libraries and performs safe YAML parsing.
Audit Metadata