skill-creator-anthropic
Warn
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: MEDIUMSAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's metadata is misleading and contradictory. The YAML frontmatter identifies the author as "Anthropic" and the license as "Proprietary," yet the included LICENSE.txt is an Apache 2.0 license and the skill is provided by an external author. This mismatch is considered deceptive metadata.
- [PROMPT_INJECTION]: The skill provides an indirect prompt injection surface by generating skill files based on user-provided input.
- Ingestion points: The
skill_nameandpatharguments inscripts/init_skill.py. - Boundary markers: None present in the generated templates to separate system-provided boilerplate from interpolated user input.
- Capability inventory: The skill has the ability to create directories and write files via the
init_skill.pyscript and package them usingpackage_skill.py. - Sanitization:
scripts/quick_validate.pyperforms basic regex validation to ensure the skill name conforms to kebab-case conventions. - [COMMAND_EXECUTION]: The skill contains Python scripts that perform local file system operations, such as directory creation and file writing. These operations are necessary for its functionality as a scaffolding tool and do not involve the execution of arbitrary shell commands or remote code.
Audit Metadata