Skills
skills/elliottrjacobs/bench-skills/create-new-skill/Gen Agent Trust Hub

create-new-skill

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform filesystem operations, specifically creating symbolic links (ln -s) to install newly scaffolded skills into the agent's configuration directory.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It ingests untrusted user input via the AskUserQuestion tool and incorporates this data into generated SKILL.md files using the Write tool. There are no boundary markers or sanitization steps implemented to prevent potentially malicious instructions from being persisted in the new skill files.
  • [COMMAND_EXECUTION]: The reference documentation included with the skill provides guidance on implementing dynamic context injection (!command) and lifecycle hooks, both of which facilitate the execution of arbitrary shell commands at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:36 AM