skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- SAFE (SAFE): The skill is composed entirely of Markdown documentation and templates. There are no executable scripts (.py, .js, .sh) or configuration files that trigger automated actions.
- Indirect Prompt Injection (LOW):
  - Ingestion points: The skill facilitates the creation of new files based on user-provided strings (name, description, functionality). This creates a surface where a user could provide malicious instructions to be embedded into the generated files.
  - Boundary markers: The templates use standard YAML frontmatter delimiters (`---`) and Markdown headers to separate metadata from instructions.
  - Capability inventory: The primary capability is the generation of text files (`SKILL.md`, `README.md`) on the local filesystem.
  - Sanitization: The skill relies on the base AI model's inherent safety filters and does not include custom sanitization logic for the templates, which is appropriate for its purpose as a template library.
- External Downloads (SAFE): While the templates (e.g., `06_utility_tool.md`) provide examples of network operations like `curl` or `npm install`, these are illustrative placeholders within documentation and do not represent active execution patterns within the skill itself.
- Credentials (SAFE): No hardcoded API keys or secrets were detected. The templates specifically advise users to use environment variables for sensitive data.