skill-creator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The scripts package_skill.py and quick_validate.py perform local file system operations (reading files, creating zip archives) which are consistent with their stated purpose of packaging and validating skill directories. No unauthorized command execution was found.
  • [REMOTE_CODE_EXECUTION] (SAFE): The script quick_validate.py uses yaml.safe_load() to parse frontmatter from SKILL.md. This is a secure practice that prevents the execution of arbitrary code during YAML deserialization.
  • [DATA_EXFILTRATION] (SAFE): While package_skill.py reads local files to create a package, it does not perform any network operations to send this data externally.
  • [PROMPT_INJECTION] (SAFE): The documentation files (output-patterns.md, workflows.md) contain examples of instructions for AI agents, but they do not include bypasses, overrides, or malicious instructions intended to subvert agent safety.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:15 PM