typespec-create-agent
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional, providing a template for TypeSpec development. It does not include executable scripts or perform any operational tasks that could lead to security risks.
- [EXTERNAL_DOWNLOADS]: The provided code template references the '@microsoft/typespec-m365-copilot' library. This is a reference to an official package from a well-known service (Microsoft) used for the intended purpose of the skill and does not constitute a security risk.
- [INDIRECT_PROMPT_INJECTION]: The skill involves creating instructions for AI agents based on user input. While it defines an attack surface where a user could provide malicious instructions for the generated agent, the skill itself follows best practices by providing a structured template and does not process or execute untrusted data itself.
Audit Metadata