skill-creator
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/init_skill.py` performs dynamic code generation by injecting a user-provided `skill_name` into a Python script template using string formatting. Because the input is not sanitized within the initialization script, a maliciously crafted skill name (e.g., containing triple-quotes and Python commands) could inject arbitrary executable logic into the resulting `example.py` file. The skill's primary instructions in `SKILL.md` specifically direct the agent to execute these generated scripts for testing, which completes a path to arbitrary code execution.
- [COMMAND_EXECUTION]: The `scripts/init_skill.py` script programmatically uses `chmod(0o755)` to make the generated `example.py` script executable. While intended to facilitate development, this automatic granting of execution permissions increases the risk associated with the code injection vulnerability in the generation process.