skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use common shell utilities such as
mkdir,grep,head, andgitto manage local file structures and validate skill content. These operations are essential for the skill's stated purpose of automating development workflows and are restricted to the local filesystem. - [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection (Category 8) by processing user-supplied input to generate skill templates.
- Ingestion points: User-provided inputs for skill names, descriptions, and technology triggers.
- Boundary markers: Absent in the generation templates.
- Capability inventory: Local file creation (
mkdir), file content inspection (grep,head), and version control operations (git commit). - Sanitization: Absent; the skill relies on the agent's internal logic to follow the provided markdown templates correctly.
- [EXTERNAL_DOWNLOADS]: The skill contains references to external documentation and guidelines from well-known technology sources (e.g., Anthropic's Claude documentation, Conventional Commits). These are static informational links and do not involve automated code retrieval or execution.
Audit Metadata