skill-creator-plus
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill package is composed entirely of Markdown documentation, licensing information, and change logs. It contains no executable scripts (Python, Bash, JS), binaries, or automated tasks.
- [COMMAND_EXECUTION]: The skill provides instructions on how to document command execution for other skills but does not execute any commands itself. It explicitly includes safety standards that prohibit dangerous operations such as 'rm -rf /' and 'rm -rf ~'.
- [CREDENTIALS_UNSAFE]: The skill provides defensive guidance by instructing developers to never hardcode API keys and to ensure that sensitive configuration files like '.env' are excluded from skill packages.
- [PROMPT_INJECTION]: The skill's 'Review Mode' instructs the agent to read and analyze third-party skill files. This creates a potential surface for indirect prompt injection where a malicious file being audited could attempt to influence the agent's report.
- Ingestion points: Local files read during the 'Review Mode' process (e.g., SKILL.md and scripts).
- Boundary markers: Not explicitly defined in the file-reading instructions.
- Capability inventory: Reading file content for analysis purposes.
- Sanitization: None; the skill relies on the agent's logic to evaluate content against its predefined audit checklist.
Audit Metadata