rust-skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because its core purpose is to ingest untrusted external documentation to generate executable skill files.
- Ingestion points: Processes content from arbitrary user-provided URLs and constructed paths to
docs.rsandrust-lang.orgas described in Step 1 and Step 3. - Boundary markers: Absent; the workflow does not specify delimiters or instructions to ignore malicious content embedded within the documentation files.
- Capability inventory: The skill leverages
/create-llms-for-skillsand/create-skills-via-llmswhich have the capability to parse external data and write new skill configurations to the local filesystem at~/.claude/skills/. - Sanitization: No sanitization, escaping, or validation of the documentation content is performed before it is used to generate new agent instructions.
Audit Metadata