skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The scripts perform local file operations to package files into a ZIP format and validate metadata. No access to sensitive system paths (e.g., ~/.ssh, ~/.aws) or hardcoded credentials was found.
- [DYNAMIC_EXECUTION] (SAFE): The validation script uses
yaml.safe_load()to process frontmatter, which is the secure method for parsing YAML and prevents arbitrary code execution during deserialization. No use ofeval(),exec(), or unsafe subprocess calls on untrusted data was detected. - [PROMPT_INJECTION] (SAFE): The provided markdown documentation files contain instructional patterns for guiding agent behavior. These are standard formatting and workflow guides and do not contain bypass instructions, role-play jailbreaks, or attempts to extract system prompts.
- [EXTERNAL_DOWNLOADS] (SAFE): No network operations, external downloads, or remote script execution patterns (e.g., curl | bash) were identified in the scripts.
Audit Metadata