agent-creator

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches configuration and tools from the official Model Context Protocol (MCP) package registry, including @modelcontextprotocol/sdk and @modelcontextprotocol/create-server.
  • [COMMAND_EXECUTION]: Utilizes the Bash tool for the creation and local testing of agent systems and MCP servers.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing external data from the web.
      - Ingestion points: Web content is retrieved via the WebFetch and mcp__firecrawl__firecrawl_search tools.
      - Boundary markers: No specific delimiters or 'ignore instructions' directives are used for processed content.
      - Capability inventory: Includes high-privilege tools such as Bash, Write, and Edit.
      - Sanitization: External data is not explicitly sanitized or validated before influencing subsequent actions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 12:11 PM