Skills
skills/creminiai/skillpack/skillpack-creator/Gen Agent Trust Hub

skillpack-creator

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/scaffold_skillpack.py invokes subprocess.run to execute the npx command for packaging tasks. The execution uses a fixed list of arguments and runs within the context of the generated pack directory.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to retrieve and run the @cremini/skillpack utility. This tool is provided by the skill's author (CreminiAI) and is used for its intended purpose of zipping the created SkillPack.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) as it processes data from previously completed tasks to generate new skill instructions.
  • Ingestion points: Completed task workflows and deliverables (referenced in SKILL.md Step 1).
  • Boundary markers: The skill instructs the agent to 'normalize' and 'clean' the source task, but explicit delimiters for the source data are not defined.
  • Capability inventory: File system writes and shell command execution via scripts/scaffold_skillpack.py.
  • Sanitization: The instructions advise removing 'exploratory transcript' noise and 'dead ends', which provides a degree of manual filtering by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 11:25 PM