skill-validator
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is a security auditing tool. It contains signatures and regex patterns (e.g., [SYSTEM:, BYPASS, API_KEY) used to detect vulnerabilities in other skills. These patterns are part of its scanning engine and do not represent malicious intent in the skill itself.
- [COMMAND_EXECUTION]: The validator orchestrator (`validator.py`) and trigger evaluation runner (`run_skill_evals.py`) utilize `subprocess.run` to execute local Python scripts and the `opencode` CLI. This is necessary for its primary purpose of validating and testing other skills.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from target skills being validated.
  - Ingestion points: The skill reads the `SKILL.md` and script files of the target folder provided by the user.
  - Boundary markers: The agent is guided by strict output templates and reporting instructions defined in the `SKILL.md` file.
  - Capability inventory: The skill can read local files and execute subprocesses (local scripts and the platform CLI).
  - Sanitization: The skill implements its own security scanner (`security_audit.py`) specifically designed to detect and flag injection attempts, hardcoded secrets, and unsafe operations in the ingested data.
- [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected. The skill uses standard Python libraries and operates locally on the filesystem.
Audit Metadata