skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several local Python scripts via the
uvpackage manager. These includeinit_skill.pyfor scaffolding,quick_validate.pyfor structural checks, andpackage_skill.pyfor distribution. - Evidence: SKILL.md contains specific shell commands such as
uv run scripts/init_skill.pyanduv run scripts/package_skill.py. - [EXTERNAL_DOWNLOADS]: The skill provides guidelines for dependency management that involve using standard package managers like
uv,npm,pip, andcargo. These operations fetch packages from official, well-known registries (e.g., PyPI, NPM) to support the functionality of the generated skills. - Evidence: SKILL.md includes a 'Using Skills with Dependencies' section describing the use of standard commands like
npm installanduv run scripts/check_dependencies.py --install. - [SAFE]: The skill performs file system operations such as creating directories and writing template-based scripts. These actions are restricted to the local workspace and are necessary for the skill's stated objective of automating the skill creation process.
Audit Metadata