agent-creator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill fetches untrusted external data which could contain malicious instructions designed to exploit the agent's broad toolset. (1) Ingestion points: Uses `mcp__firecrawl__firecrawl_search` and `WebFetch` to gather requirements. (2) Boundary markers: Absent; the skill does not specify delimiters or instructions to treat fetched data as data only. (3) Capability inventory: Authorized to use `Read`, `Write`, `Edit`, and `Bash` tools. (4) Sanitization: Absent; no evidence of input validation or sanitization for external content.
- [COMMAND_EXECUTION]: The skill uses the `Bash` tool for legitimate development tasks, such as creating directories and initializing project files for new agents.
- [EXTERNAL_DOWNLOADS]: The skill references and provides installation examples for official Model Context Protocol (MCP) packages, which are well-known and trusted development resources.
Audit Metadata