skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The security review found no indicators of malicious intent or safety bypasses within the skill's documentation or scripts.
- [COMMAND_EXECUTION]: Utility scripts such as init_skill.py and package_skill.py perform filesystem operations like creating directories and ZIP files. These are implemented using standard Python libraries (pathlib, zipfile) and are restricted to the local directory context, posing no security risk.
- [SAFE]: The quick_validate.py script uses safe YAML parsing methods (yaml.safe_load) to ensure that skill configuration files are processed securely.
- [SAFE]: There are no hardcoded secrets, unauthorized network requests, or attempts to access sensitive system files.
Audit Metadata