skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Python's
subprocessmodule in several scripts (scripts/run_eval.py,scripts/run_loop.py,scripts/package_skill.py) to execute theclaudeCLI and other local utilities. This is necessary for its core functionality of running and testing skills in the local environment. - [EXTERNAL_DOWNLOADS]: The
eval-viewer/viewer.htmlfile loads theSheetJS(xlsx) library fromcdn.sheetjs.com. This is a well-known service used to render Excel spreadsheets directly within the local review dashboard. Additionally,scripts/improve_description.pyuses the official Anthropic Python SDK to communicate with the Anthropic API for generating optimized skill descriptions. - [PROMPT_INJECTION]: The
SKILL.mdinstructions guide the model to write 'pushy' skill descriptions to ensure they trigger reliably. This is presented as a design pattern for skill discovery and optimization rather than an attempt to bypass safety filters or ignore system instructions. - [DATA_EXFILTRATION]: The
eval-viewer/generate_review.pyscript starts a local HTTP server onlocalhost:3117to host a developer dashboard. It reads files from the designated skill workspace to embed them into the review interface. This operation is confined to the local machine and the specified project directories. - [COMMAND_EXECUTION]:
scripts/run_eval.pydynamically creates temporary command files in.claude/commands/based on user input and then executes them via theclaudeCLI. This is a standard part of the skill testing and discovery evaluation process.
Audit Metadata