skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): Analysis of the provided scripts (
package_skill.py,quick_validate.py) and documentation reveals no malicious intent or security vulnerabilities. - Script Analysis: The Python scripts utilize standard libraries for file manipulation (
pathlib,zipfile) and data parsing (yaml). The use ofyaml.safe_loadinquick_validate.pyprevents unsafe deserialization attacks. - File Operations: File system operations are localized to the specified skill directory for the purposes of validation and zipping. There are no signs of path traversal or unauthorized file access.
- Network/Exfiltration: No network operations, credential access, or data exfiltration patterns were detected across any of the files.
- Prompt Injection: The documentation files (
output-patterns.md,workflows.md) contain instructional templates for developers, which do not contain any patterns aimed at hijacking agent behavior or bypassing safety filters.
Audit Metadata