create-agent-skills
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions designed to bypass safety filters or override agent constraints were found. The use of XML tags and routing logic is standard for agentic workflows.
- [DATA_EXFILTRATION] (SAFE): No network operations (curl, wget, fetch) or access to sensitive system paths (credentials, ssh keys) are present.
- [REMOTE_CODE_EXECUTION] (SAFE): No remote script downloads or piped execution patterns (curl | bash) were detected.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill defines a router for 'auditing' and 'modifying' other skills. While this describes a future capability to process untrusted filesystem data, this specific SKILL.md file lacks the functional workflows or executable scripts to perform those actions, posing no immediate risk.
- [OBFUSCATION] (SAFE): No encoded strings (Base64), zero-width characters, or homoglyphs were identified after normalization.
Audit Metadata