agent-creator
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill functions as a template-driven assistant for scaffolding agent definitions and does not exhibit malicious patterns.- [COMMAND_EXECUTION]: The skill performs local file system operations to create agent markdown files and update project manifests such as marketplace.json.- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it generates executable agent configurations based on user-supplied text.
- Ingestion points: User input provided during the six-phase questionnaire described in SKILL.md.
- Boundary markers: None explicitly defined; user responses are recorded verbatim into the generated prompt.
- Capability inventory: The skill writes agent markdown files to local or user directories.
- Sanitization: No sanitization or validation of user-provided content is performed before file creation.
Audit Metadata