skill-creator
Fail
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE]: The skill serves as a legitimate developer tool for scaffolding project structures and contains no malicious logic.
- [COMMAND_EXECUTION]: The scripts
init_skill.pyandpackage_skill.pyperform expected local file system operations, such as creating directories and writing template files, which are essential for its functionality. - [SAFE]: The validation logic in
quick_validate.pyutilizesyaml.safe_load()to parse configuration files, adhering to security best practices to prevent arbitrary code execution vulnerabilities.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata