skill-system-foundry
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions, metadata, or scripts.
- [COMMAND_EXECUTION]: The skill includes several Python scripts (`validate_skill.py`, `audit_skill_system.py`, `scaffold.py`, `bundle.py`) designed to manage the skill lifecycle. These scripts use standard library modules (`os`, `shutil`, `zipfile`) for file manipulation and directory traversal. Analysis shows they are well-bounded to the local filesystem and do not execute external payloads or perform unauthorized command injection.
- [DATA_EXFILTRATION]: The `bundle.py` script and its associated library (`scripts/lib/bundling.py`) include logic to package skills into archives. This logic implements significant security safeguards, including an `exclude_patterns` list in `configuration.yaml` that prevents the inclusion of sensitive directories (like `.git`, `__pycache__`, and platform-specific hidden files) in the generated bundles. Furthermore, the script uses an `is_within_directory` check to prevent path traversal attacks, ensuring the bundler cannot be manipulated into reading files outside the defined system root.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing untrusted data (user-defined skill names and descriptions). However, it mitigates this through strict validation logic in `scripts/lib/validation.py`, which enforces character limits, naming conventions, and prohibits specific keywords related to known AI vendor restrictions.