skill_creator
Fail
Audited by Socket on Feb 16, 2026
1 alert found:
Obfuscated File
HIGH
scripts/make_skill.py
The script is a utility for producing files from a JSON payload, but it allows arbitrary filesystem writes based on untrusted input without canonicalization or containment checks. This enables path traversal and absolute-path attacks that can overwrite arbitrary files the process has permission to write, creating a significant supply-chain/backdoor risk if attackers can influence the JSON input or command-line arguments. There is no evidence of in-code exfiltration or obfuscation, but the file-write behavior is dangerous and should be corrected by enforcing path normalization/containment, rejecting absolute and traversal paths, limiting file types/sizes, and running with least privilege.
Confidence: 98%