agent-creator
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a configuration assistant, converting user input into a structured JSON format. A comprehensive analysis of the instructions and reference documentation found no evidence of malicious patterns, such as hidden commands, unauthorized network access, or data exfiltration.
- [PROMPT_INJECTION]: The skill ingests untrusted user input to define agent instructions in the generated config.json, creating a surface for indirect prompt injection (Category 8).
- Ingestion points: User descriptions and model selections captured in SKILL.md (Steps 1, 2, and 3).
- Boundary markers: No delimiters or instruction-ignoring markers are used when interpolating user input into the configuration template.
- Capability inventory: The skill generates configuration files that define tool permissions, including sensitive tools like power---bash.
- Sanitization: The instructions specify using user-provided strings for models as-is without validation.
Audit Metadata