agent-creator

Fail

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/main.cjs exhibits a high-risk code injection vulnerability. In the functions updateRoutingTableKeywords and updateRoutingTableAgents, the name parameter—taken from command-line arguments—is interpolated into template strings that are written back to .claude/lib/routing/routing-table-intent-keywords-data.cjs and .claude/lib/routing/routing-table-intent-agents.cjs. Because these are CommonJS files required by the system, an attacker could provide a name containing single quotes and JavaScript logic to execute arbitrary code within the agent's environment.
  • [COMMAND_EXECUTION]: The skill uses node and npm via spawnSync to execute local project tools for registry generation and integration validation. While these are part of the intended workflow, their orchestration via the vulnerable scripts/main.cjs increases the system's attack surface.
  • [EXTERNAL_DOWNLOADS]: The skill's research workflows fetch data from external domains including bls.gov, mymajors.com, and ongig.com using WebFetch and Exa. The security of this process relies on prompt-based instructions ('Security Review Gate') rather than programmatic validation, leaving the skill vulnerable to indirect prompt injection from the retrieved content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 21, 2026, 04:09 PM