skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes Python scripts (
scripts/init_skill.pyandscripts/package_skill.py) that perform local file system operations to scaffold project directories and bundle files. These actions are transparent and strictly limited to the intended developer workflow. - [SAFE]: The validation logic in
scripts/quick_validate.pyfollows security best practices by usingyaml.safe_load()to process skill metadata, effectively mitigating risks associated with unsafe YAML deserialization. - [SAFE]: All instructions and reference materials (
references/workflows.md,references/output-patterns.md) provide legitimate architectural guidance without any evidence of prompt injection or malicious behavioral overrides. - [SAFE]: No network operations, hardcoded credentials, or suspicious obfuscation techniques were detected across the skill's file set.
Audit Metadata