skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No sensitive files are accessed, and no network operations are performed. The script only reads the provided skill directory and writes a ZIP file to the local filesystem.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The scripts use only standard Python libraries (sys, zipfile, pathlib, re, os). No external packages are installed or executed.
- [Command Execution] (SAFE): There are no calls to os.system, subprocess, or other command execution functions.
- [Indirect Prompt Injection] (LOW): The script processes user-provided metadata from SKILL.md which could be a vector if the output is used in prompts. Evidence Chain:
  1. Ingestion points: scripts/quick_validate.py reads SKILL.md.
  2. Boundary markers: None.
  3. Capability inventory: File-write (scripts/package_skill.py).
  4. Sanitization: Validates name format with regex and filters angle brackets in descriptions.
Audit Metadata