skill-designer-agent-skills
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The utility scripts (init_skill.py, package_skill.py, quick_validate.py) perform local file system operations, such as creating directory structures and bundling files into zip archives, which are consistent with their stated purpose of helping developers build and package skills.
- [EXTERNAL_DOWNLOADS]: The skill documentation identifies
pyyamlas a requirement; this is a well-known and trusted library from the official Python package registry. - [COMMAND_EXECUTION]: The
init_skill.pyscript useschmodto set executable permissions on a template script it creates. This is a standard and expected operation for a tool that generates executable boilerplate. - [SAFE]: The
quick_validate.pyscript follows security best practices by usingyaml.safe_load()for parsing skill metadata, preventing potential code execution via malicious YAML tags.
Audit Metadata