skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow involves using command-line tools such as 'npx skills list' and 'skills-ref validate' to verify skill structure and repository discovery. These tools are part of the standard development lifecycle for agent skills.
- [EXTERNAL_DOWNLOADS]: The documentation references external resources and repositories from trusted vendors, including Anthropic, OpenAI, and Vercel Labs, for research and design alignment.
- [PROMPT_INJECTION]: The skill acts as a factory for new instructions, ingesting user-provided intents and examples. It includes specific safety guidelines instructing the agent to refuse requests for creating skills intended for malicious purposes, such as malware or data exfiltration. Evidence Chain: 1. Ingestion points: User conversation context and intent identification in SKILL.md. 2. Boundary markers: None explicitly mentioned for the generated markdown output. 3. Capability inventory: Command execution via npx and validation tools. 4. Sanitization: Explicit safety refusal instructions in the 'Safety and integrity' section.
Audit Metadata