skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The scripts perform standard file system operations (reading files, creating directories, and zipping files). No arbitrary command execution or shell injection risks were identified.
- [DATA_EXFILTRATION] (SAFE): No network operations or access to sensitive local files (like SSH keys or credentials) are present.
- [REMOTE_CODE_EXECUTION] (SAFE): The scripts do not download or execute code from remote sources.
- [DYNAMIC_EXECUTION] (SAFE): YAML parsing is handled via
yaml.safe_load(), which prevents code execution through malicious YAML payloads.
Audit Metadata