skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides an initialization script (
init_skill.py) and instructions for the agent to use shell commands such aschmodandlnto configure skill directories and link them to the agent's command path. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it uses user-provided names and descriptions to generate file content and directory paths.
- Ingestion points: User input passed as arguments to
init_skill.pyand content written toSKILL.md. - Boundary markers: Absent; user strings are interpolated directly into templates without explicit delimiters.
- Capability inventory: The skill utilizes file system capabilities including directory creation, file writing, permission modification, and symlink creation.
- Sanitization: Absent; the initialization script does not rigorously sanitize the skill name argument, which is a common pattern for local developer tools.
Audit Metadata