skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The Python scripts
package_skill.pyandquick_validate.pyperform local file system operations usingpathlibandzipfilewithout invoking shell commands or unsafe subprocesses. - EXTERNAL_DOWNLOADS (SAFE): No network operations, remote script downloads, or external requests were detected.
- CREDENTIALS_UNSAFE (SAFE): The files were scanned for hardcoded secrets, API keys, and sensitive file paths; no exposures were found.
- PROMPT_INJECTION (SAFE): The reference documentation contains templates and patterns for developers but does not include instructions intended to bypass safety filters or override agent behavior.
- DYNAMIC_EXECUTION (SAFE): The skill utilizes
yaml.safe_load()for parsing configuration data, which is a secure practice to prevent arbitrary object instantiation.
Audit Metadata