Skills
skills/paulrberg/agent-skills/create-skill/Gen Agent Trust Hub

create-skill

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by retrieving external documentation that guides the content and structure of new skills.
  • Ingestion points: The skill performs a WebFetch to https://agentskills.io to retrieve the latest specification.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to prevent it from obeying instructions potentially embedded in the fetched documentation.
  • Capability inventory: The skill has the capability to modify the file system via mkdir, write SKILL.md files, and create symlinks using ln -s.
  • Sanitization: No sanitization or schema validation is performed on the data retrieved from the external source before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to https://agentskills.io. While this is intended for fetching documentation, the use of non-whitelisted external domains for instructional data carries a minor inherent risk.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 01:34 PM