skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or data exfiltration attempts were detected. The skill's primary purpose is to serve as a development utility.
- [COMMAND_EXECUTION]: The skill includes Python scripts (init_skill.py, package_skill.py, quick_validate.py) designed to be executed by the user. These scripts perform routine file system operations like creating directories, writing template files, and zipping folders. Analysis of the source code shows no use of unsafe functions like eval() or exec(), and input is handled using the pathlib module for path safety.
- [DATA_EXPOSURE]: There are no network operations, hardcoded credentials, or attempts to access sensitive system files (e.g., SSH keys, environment variables). All operations are local to the user-specified directory.
- [PROMPT_INJECTION]: The SKILL.md file contains instructional content for the agent on how to assist users in skill creation. It does not contain any instructions aimed at overriding system prompts or bypassing safety filters.
Audit Metadata