skill-share
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill facilitates standard developer productivity workflows by providing templates for skill creation and automated packaging. All described functionalities align with the stated purpose of a scaffolding utility.
- [COMMAND_EXECUTION]: The skill automates the creation of directory structures and metadata files (SKILL.md, scripts/, assets/) within the development workspace. This is expected behavior for a skill scaffolding tool.
- [DATA_EXFILTRATION]: Slack integration is used to share skill metadata (name and description) with team members. This functionality leverages designated tools like SLACK_SEND_MESSAGE for its documented purpose of team collaboration.
- [PROMPT_INJECTION]: The skill processes user-supplied input (name and description) to generate skill documentation and Slack notifications, which constitutes an indirect prompt injection surface.
- Ingestion points: User-provided skill names and descriptions in SKILL.md.
- Boundary markers: None identified in the instructional content.
- Capability inventory: File system write access and Slack messaging capabilities.
- Sanitization: No specific sanitization or escaping of user input is described in the prompt logic.
Audit Metadata