skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes bash commands designed for the agent to automate skill registration. These commands use standard local utilities such as grep, cut, and jq to process local skill files and update a JSON registry. The use of the --arg flag in the jq command ensures that extracted metadata is handled safely, preventing command or JSON injection.
- [SAFE]: No patterns of prompt injection, data exfiltration, or unauthorized network activity were identified. The skill is focused on local development workflows and uses legitimate file-system operations.
Audit Metadata