skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection (!command) in the SKILL.md file to discover existing skills and the current working directory at load time. This information is used to provide the agent with local environment context for the skill creation process.
  • [COMMAND_EXECUTION]: The bundled evaluation scripts (run_eval.py, run_loop.py) utilize subprocess.Popen to execute the claude CLI. This allows the skill to perform automated testing of skill descriptions to ensure they trigger correctly on specific user queries.
  • [COMMAND_EXECUTION]: The evaluation review generator (generate_review.py) uses subprocess.run to call the lsof utility. This is used for cleanup to ensure the target port is available before starting the local web server for the results viewer.
  • [EXTERNAL_DOWNLOADS]: The evaluation viewer (viewer.html) fetches the SheetJS (xlsx) library from a well-known CDN (cdn.sheetjs.com). This library is used to render spreadsheet files locally within the browser during results review.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:41 AM