skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill contains utility scripts (
init_skill.py,package_skill.py) designed to manage the local file system. These scripts create directories, write template files, and generate ZIP archives to facilitate the development and packaging of new skills. - [COMMAND_EXECUTION]: The
init_skill.pyscript programmatically sets executable permissions (0o755) on a generated template script. While this involves privilege modification, it is restricted to the newly created template and is a necessary function for the skill's intended use as a development tool. - [SAFE]: The validation logic in
quick_validate.pyusesyaml.safe_load()to process skill metadata. This follows security best practices by preventing arbitrary code execution during the deserialization of YAML data. - [SAFE]: The skill architecture adheres to progressive disclosure principles, keeping the primary instruction file concise and referencing external documentation only when necessary to manage context efficiency.
Audit Metadata