skill-creator
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Several Python scripts utilize the `subprocess` module to orchestrate the skill development lifecycle. This includes calling the `claude` CLI for evaluations, `git` for repository management, `npm` for dependency research, and system utilities like `lsof` and `kill` to manage the local evaluation viewer server.
- [EXTERNAL_DOWNLOADS]: The skill's documentation and prerequisites guide the user to install well-known security tools (like `gitleaks` from GitHub) and software packages from official registries (PyPI, NPM). These references target trusted organizations and well-known services, posing no unusual risk to the environment.
- [DATA_EXPOSURE]: The skill contains instructions for the agent to search for project-specific configuration files, such as `~/.claude.json` and `~/.claude/CLAUDE.md`, to research existing workflows. This behavior is contextually appropriate for a tool designed to integrate with the Claude Code platform.
- [PROMPT_INJECTION]: The skill uses structured boundary markers (XML-style tags) when interpolating user-provided feedback or generated content into prompts. For example, in the description optimizer (`improve_description.py`), it wraps content in `<skill_content>` and `<current_description>` tags to mitigate accidental instruction following from the processed data.
Audit Metadata