skill-creation-guide
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The
scripts/package_skill.pyutility is designed to archive skill directories into .skill (ZIP) files. It utilizes standard library modules and path resolution to create archives of local content. There are no network calls or attempts to access sensitive system directories outside the target skill folder. - [REMOTE_CODE_EXECUTION] (SAFE): No remote code execution patterns or unsafe dynamic code execution were found. The script
scripts/quick_validate.pycorrectly usesyaml.safe_load()to process frontmatter, preventing YAML deserialization attacks. - [PROMPT_INJECTION] (SAFE): Documentation files
references/output-patterns.mdandreferences/workflows.mdcontain structural templates and workflow guides. These are used to provide formatting instructions to the agent and do not contain override markers, role-play injections, or instructions to bypass safety guidelines.
Audit Metadata