BeCreative
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands for notification and technical reasoning. It instructs the agent to use
curlfor sending POST notifications tohttp://localhost:8888/notifyto indicate which workflow is active. Additionally, theTechnicalCreativityGemini3workflow utilizes thellmCLI tool to invoke external models likegemini-3-pro-previewfor complex engineering analysis. - [PROMPT_INJECTION]: The skill uses strong directives such as 'MANDATORY' and 'REQUIRED' to enforce specific agent behaviors, such as sending notifications before any action. These are intended for operational transparency and do not attempt to bypass safety filters or override core instructions in a malicious way.
- [DATA_EXPOSURE]: The skill accesses local file system paths to manage its configuration. It is designed to read from
~/.claude/PAI/USER/SKILLCUSTOMIZATIONS/BeCreative/for user preferences and reads its own workflow files from its installation directory. These operations are restricted to relevant local paths. - [SAFE]: No malicious patterns such as remote code downloads (e.g., curl|bash), credential exfiltration, or obfuscation were detected. All network activity is directed to localhost or trusted well-known AI services.
Audit Metadata