skill-authoring
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): The skill metadata and instructional content do not contain any malicious patterns, safety bypasses, or prompt injection attempts. The workflow focuses on standardizing skill creation for interoperability.
- [NO_CODE] (SAFE): No executable scripts (Python, JavaScript, or shell) are bundled with the skill. All logic is contained within the agent's interpretation of the provided markdown instructions and metadata.
- [COMMAND_EXECUTION] (SAFE): While the guidelines instruct developers on how to bundle and describe script execution for other skills, this specific skill does not perform any command execution or request elevated permissions.
- [PROMPT_INJECTION] (SAFE): The skill uses the 'read_skill_asset' tool to inspect other skill files. While this represents a data ingestion surface, the tools are read-only and limited to skill metadata/assets, posing no direct risk to the agent's system state.
Audit Metadata