lenny-skillpack-creator
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The `scripts/fetch_refound_skills.py` script performs network requests to `refoundai.com` to download skill definitions. While this matches the skill's stated purpose, it involves retrieving and storing content from an external, untrusted source.
- [COMMAND_EXECUTION]: The script `scripts/package_skillpack.py` uses `subprocess.call` to execute the local `scripts/lint_skillpack.py` validator. This execution uses the current Python interpreter and a path relative to the script location to ensure the linter is run before packaging.
- [PROMPT_INJECTION]: As a meta-skill that transforms external data into instructions, the skill is susceptible to indirect prompt injection. Maliciously crafted content from the source domain could result in the generation of skill packs with harmful instructions. The skill includes a `SECURITY_GUIDE.md`, which provides mitigation advice for authors, such as using delimiters and least-privilege principles.