agent-skill-use
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes Bash commands to perform local directory management and file creation (e.g., mkdir, cat). These operations are restricted to the local workspace and are used solely for the purpose of scaffolding agent skill configurations.
- [INDIRECT_PROMPT_INJECTION]: The skill serves as a meta-tool for generating further AI agent instructions. While it provides templates for various tasks (DevOps, Integration, Quality), it does not ingest external untrusted data into its own runtime or provide a path for unauthorized execution of remote content. The template patterns included are standard for development workflows.
- [CREDENTIALS_UNSAFE]: Templates include placeholders for environment variables (e.g., SERVICE_TOKEN: "xxx"), but no actual secrets, hardcoded keys, or sensitive credentials are present in the skill code.
Audit Metadata