Skills
skills/panaversity/claude-code-skills-lab/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The scripts package_skill.py and quick_validate.py perform local file system operations limited to zipping and reading skill files. No shell invocation or command injection vulnerabilities were found.
  • [REMOTE_CODE_EXECUTION] (SAFE): quick_validate.py uses the secure yaml.safe_load() method to process metadata, effectively mitigating risks associated with untrusted YAML data.
  • [DATA_EXFILTRATION] (SAFE): Analysis confirms the absence of hardcoded secrets, API keys, or any network-capable code that could be used for data exfiltration.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill does not include any logic for downloading external scripts or installing third-party packages at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 22, 2026, 02:08 PM