skill-writer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill contains focused, task-oriented instructions without attempts to bypass system constraints or override safety protocols.- [Command Execution] (SAFE): The skill references standard shell commands such as 'mkdir', 'ls', and 'cat' for managing local directory structures and verifying file content. These are appropriate for a developer productivity tool.- [External Downloads] (SAFE): No remote scripts, external downloads, or unverifiable dependencies are referenced for execution by the skill itself.- [Data Exposure & Exfiltration] (SAFE): Access is confined to designated skill directories (~/.claude/skills/). There are no hardcoded credentials or patterns suggesting exfiltration of sensitive information.- [Indirect Prompt Injection] (SAFE): The skill is a template generator that does not process untrusted external content (e.g., web pages, emails), minimizing its surface as a vector for indirect injection attacks.
Audit Metadata