skill-generator
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to ingest untrusted user input and generate executable scripts and skill configurations.
  - Ingestion points: User descriptions and documentation (SKILL.md).
  - Boundary markers: Absent; the process does not define how to isolate user input from the generation logic.
  - Capability inventory: Write and Edit tools are permitted, allowing the creation of scripts and files on the filesystem.
  - Sanitization: Absent; no escaping or validation of user-provided content is required.
Recommendations
- AI detected serious security threats