Skills
skills/krishamaze/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The eval-viewer/viewer.html component loads the SheetJS library (xlsx.full.min.js) from cdn.sheetjs.com and typography assets from fonts.googleapis.com. These are well-known technology providers used for the skill's evaluation visualization features.
  • [COMMAND_EXECUTION]: The scripts/run_eval.py script uses subprocess.Popen to execute the claude CLI. This allows the skill to programmatically verify triggering behavior by simulating user queries against a temporary skill configuration.
  • [COMMAND_EXECUTION]: The eval-viewer/generate_review.py script invokes lsof via subprocess.run to detect and terminate any existing processes bound to the target port (3117). This is a routine operation to ensure the local feedback server can initialize without conflicts.
  • [COMMAND_EXECUTION]: The skill utilizes several internal Python scripts (aggregate_benchmark.py, package_skill.py) to manage data processing and skill distribution, which are executed via the command line as part of the intended workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 05:25 PM