Skills
skills/madebyecho/agent-skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the subprocess module across multiple utility scripts to execute system commands and external tools.
  • scripts/run_eval.py and scripts/run_loop.py execute the claude CLI to test generated skills and optimize descriptions.
  • eval-viewer/generate_review.py executes lsof and kill to manage the local web server port for the evaluation viewer.
  • scripts/package_skill.py executes python to run validation scripts before bundling skills into .skill files.
  • [EXTERNAL_DOWNLOADS]: The eval-viewer/viewer.html file includes a script reference to cdn.sheetjs.com to load the SheetJS library, which is used to render Excel (.xlsx) files within the evaluation report. This is a well-known service for client-side spreadsheet processing.
  • [DATA_EXPOSURE]: The eval-viewer/generate_review.py script reads the contents of output files from test runs and embeds them as Base64-encoded strings into a self-contained HTML file. This behavior is necessary for the skill's primary function of facilitating human review of generated content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:48 PM