skills/dagster-io/erk/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied queries and failed test cases to optimize skill descriptions via LLM prompts. Ingestion points include queries processed in scripts/run_eval.py and improvement data in scripts/improve_description.py. Explicit boundary markers and sanitization are absent in the optimization prompts. However, capabilities are limited to local development tasks, and the behavior is inherent to the primary purpose of prompt optimization.
  • [EXTERNAL_DOWNLOADS]: The evaluation viewer UI downloads the SheetJS library from a well-known CDN (cdn.sheetjs.com) to provide spreadsheet rendering capabilities. It also references fonts from Google Fonts. These are well-known technology services and the references are documented as safe.
  • [COMMAND_EXECUTION]: The toolkit uses subprocesses to execute the 'claude' CLI for running evaluations and 'lsof' for managing the local web server port. These operations are required for the tool's core functionality and are performed within the user's local project context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 09:49 PM