skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns or vulnerabilities were identified. The scripts perform expected tasks using secure methods.
- SAFE (SAFE): The validation script correctly uses yaml.safe_load() to prevent arbitrary code execution vulnerabilities during the parsing of skill metadata.
- SAFE (SAFE): The packaging script utilizes pathlib for robust path manipulation and resolves paths to ensure operations remain within intended directory boundaries.
- SAFE (SAFE): The validation script enforces strict constraints on skill metadata, including character restrictions, length limits, and hyphen-case regex matching for names, which mitigates risks associated with processing external content.
Audit Metadata