skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were detected. The scripts do not perform network operations.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The Python scripts rely on standard libraries and the `PyYAML` package. No remote code execution patterns, such as piping curl to a shell, were found.
- [Prompt Injection] (SAFE): The documentation files (`output-patterns.md`, `workflows.md`) provide benign structural templates and examples. There are no instructions aimed at bypassing AI safety guardrails or overriding system prompts.
- [Dynamic Execution] (SAFE): The scripts use `yaml.safe_load()` for parsing configuration, which is the recommended secure method to prevent arbitrary code execution during YAML deserialization. No use of `eval()` or `exec()` on untrusted input was identified.
Audit Metadata