skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to perform local file system operations, specifically creating directory structures for new skills using
mkdir -p. - [PROMPT_INJECTION]: The skill is a generator that interpolates user-supplied data into a
SKILL.mdfile, creating a risk of indirect prompt injection. - Ingestion points: Requirements gathered in 'Step 1: Gather Requirements' (Purpose, Triggers, Instructions) are used as content for the generated skill.
- Boundary markers: No boundary markers or 'ignore' instructions are present in the provided templates to isolate user input from the generated instruction set.
- Capability inventory: The skill uses
Bash,Read,Write,Grep, andGlobto manage and validate the created files. - Sanitization: The skill lacks validation or sanitization mechanisms to ensure user-provided text does not contain malicious instructions that could compromise the agent when the generated skill is later activated.
Audit Metadata