quickcreator-skill-builder

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill identifies the user's environment by inspecting file paths and automates the configuration of AI assistant settings. It modifies files such as ~/.cursor/mcp.json and ~/.claude.json to register the QuickCreator MCP server. It also utilizes shell_execute and code_execute for internal workflows.
  • [EXTERNAL_DOWNLOADS]: The skill's requirements.sh file installs the google-genai Python package using pip. This is a verified library from a well-known service (Google) used for the skill's video generation template.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx to execute the @quickcreator/skill-mcp package. This package is provided by the vendor (kycloudtech) and serves as the bridge between the AI assistant and the QuickCreator platform.
  • [PROMPT_INJECTION]: The skill builder exhibits an indirect prompt injection surface because it reads and processes external skill descriptions from the QuickCreator marketplace.
      • Ingestion points: The list_skills and search_marketplace tools retrieve skill metadata from remote servers.
      • Boundary markers: No specific delimiters are used to wrap or isolate marketplace content from the agent's primary instructions.
      • Capability inventory: The skill builder has access to high-privilege tools, including arbitrary shell and code execution and file write capabilities.
      • Sanitization: The instructions do not specify validation or sanitization of content retrieved from the marketplace before it is analyzed or presented to the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 04:54 AM