Skills
skills/elliottrjacobs/bench-skills/bench-new-skill/Gen Agent Trust Hub

bench-new-skill

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute 'npx skills add', which is the established procedure for installing generated skills into the bench-skills environment.
  • [PROMPT_INJECTION]: The skill generates new SKILL.md instruction sets using external input, creating an indirect prompt injection surface where the generated skill might inherit malicious instructions from the initial user request.
  • Ingestion points: The agent prompts the user via AskUserQuestion to provide the logic, triggers, and purpose of the new skill in Step 1.
  • Boundary markers: The scaffolding process does not include delimiters or protective instructions to prevent the agent from obeying instructions embedded within the user-provided skill description.
  • Capability inventory: The skill possesses the Write tool to create files and the Bash tool for system-level installation.
  • Sanitization: There is no mechanism to sanitize or escape the user input before it is written into the new SKILL.md file.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 01:24 AM