skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill contains Python scripts (
init_skill.py,package_skill.py,quick_validate.py) intended for local use. They perform standard file system tasks such as directory creation, writing template files, and ZIP packaging. These actions are transparent and necessary for the skill's utility as a creator tool.\n- [SAFE]: The validation logic inquick_validate.pycorrectly usesyaml.safe_load(), preventing unsafe deserialization vulnerabilities.\n- [SAFE]: Whileinit_skill.pyuseschmod(0o755)on a generated script, this is a standard operation for a development tool creating executable templates from hardcoded strings, rather than a privilege escalation attempt.\n- [DATA_EXFILTRATION]: No network-enabled tools or sensitive data access patterns were identified. All operations are confined to the user-specified local paths.\n- [PROMPT_INJECTION]: The markdown content provides purely instructional guidance for skill development and does not include any attempt to subvert AI safety protocols or system prompts.
Audit Metadata