Skills
skills/jst-well-dan/skill-box/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The scripts do not use subprocess, os.system, or any other method to execute shell commands. Operations are limited to filesystem interactions using standard library modules.
  • [EXTERNAL_DOWNLOADS] (SAFE): No network requests, socket connections, or external resource fetching (e.g., curl, wget) are present in the code.
  • [DATA_EXFILTRATION] (SAFE): File operations are strictly local. The scripts read files for validation and create a ZIP archive locally. No credentials or sensitive data are accessed or transmitted.
  • [REMOTE_CODE_EXECUTION] (SAFE): There is no use of eval(), exec(), or dynamic module loading. The scripts do not download or execute remote code.
  • [PATH_TRAVERSAL] (SAFE): The scripts use pathlib.Path.resolve() to handle input paths and relative_to for ZIP archive creation, which are standard practices for preventing accidental directory traversal during archive generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:23 PM