skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a meta-utility for skill development and does not contain any prompt injection attacks, obfuscation, or unauthorized data access.
- [COMMAND_EXECUTION]: The skill employs internal XML tags such as <spawn_subagent> and <dispatch_agents> to manage task execution and performance testing. These are controlled orchestration tools utilized for the skill's primary purpose.
- [PROMPT_INJECTION]: The skill creates a surface for potential indirect prompt injection by ingesting and processing user-defined test prompts. Ingestion points: User-provided prompts are loaded from evals/evals.json into sub-agent task prompts. Boundary markers: XML tags are used to encapsulate task instructions. Capability inventory: The skill can spawn sub-agents and save evaluation results to local file paths. Sanitization: No specific input sanitization or instruction-filtering mechanisms are mentioned for the ingested test content.
Audit Metadata