skills/montimage/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python scripts to automate the skill development lifecycle.
    • Evidence: scripts/init_skill.py, scripts/package_skill.py, and scripts/quick_validate.py are used to create directories, write files, and bundle resources.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because user-provided requirements are directly incorporated into generated instructions.
    • Ingestion points: User requirements and examples for new skill creation enter the context during the 'Understand' and 'Plan' phases (SKILL.md).
    • Boundary markers: None; there are no delimiters or 'ignore embedded instructions' warnings for user-provided content when generating the SKILL.md template.
    • Capability inventory: File system write access and execution via scripts/init_skill.py; bundling capabilities via scripts/package_skill.py.
    • Sanitization: None; user strings are written directly to SKILL.md and other template files without validation or escaping.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 03:26 PM