skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill serves as a generator for new AI skills, creating a surface where user-provided instructions could result in the creation of malicious skills with broad permissions.\n
- Ingestion points: User input processed via the SKILL.md and assets/SKILL-TEMPLATE.md templates.\n
- Boundary markers: The templates do not define explicit delimiters or instructions to ignore embedded prompts in user-provided content.\n
- Capability inventory: Skills created via this tool have access to Bash, Write, Edit, and WebFetch tools.\n
- Sanitization: No sanitization logic is present to filter or validate user-provided data before it is written to new skill files.\n- SAFE (SAFE): No evidence of obfuscation, hardcoded credentials, or unauthorized remote code execution was found in the skill documentation or templates.
Audit Metadata