skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [SAFE] (INFO): No malicious instructions, prompt injections, or obfuscation techniques were identified within the provided documentation or scripts. The skill provides legitimate development utilities.\n- [COMMAND_EXECUTION] (LOW): The
package_skill.pyscript performs file system operations to read skill files and bundle them into a zip archive. These operations are standard for a packaging utility and do not involve arbitrary shell command execution.\n- [REMOTE_CODE_EXECUTION] (SAFE): The validation logic inquick_validate.pycorrectly utilizesyaml.safe_load()to parse frontmatter content, effectively preventing potential unsafe object deserialization attacks.
Audit Metadata