add-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill serves a legitimate administrative purpose (meta-skill creation). Analysis of the workflow shows no attempts at obfuscation, credential theft, or unauthorized persistence.
- [COMMAND_EXECUTION] (SAFE): The skill uses basic shell commands (
mkdir,ls,cat) to manage the local filesystem. Security risk is mitigated by explicit validation rules that restrict skill names to a safe character set (lowercase letters, numbers, and hyphens), preventing path traversal or command injection attacks. - [EXTERNAL_DOWNLOADS] (SAFE): The skill fetches content from
code.claude.comand referencesgithub.com/anthropics/skills. These are official and trusted sources for the target platform.
Audit Metadata