skill-creator-local
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a meta-utility for developing AI agent skills. Its primary components are Python scripts (
init_skill.py,package_skill.py,quick_validate.py) and documentation files. - [SAFE]: Analysis of the Python scripts reveals standard, safe usage of local file system operations. The scripts utilize the
pathlibmodule for path manipulation and thezipfilemodule for packaging, which are standard practices for developer tools. - [SAFE]: The validation logic in
quick_validate.pyusesyaml.safe_load()to parse frontmatter metadata. This is a security best practice that prevents arbitrary code execution during YAML deserialization. - [SAFE]: No network operations (such as
curl,wget, orrequests) or external data fetching were detected. The skill operates entirely within the local environment specified by the user. - [SAFE]: No obfuscation, hardcoded credentials, or privilege escalation attempts were found. The instructions provided in the markdown files focus on optimization, token efficiency, and progressive disclosure patterns.
Audit Metadata