skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The scripts operate exclusively on the local filesystem. No network operations, API calls, or hardcoded credentials were detected. Path handling is performed using the robust
pathlibmodule. - [Unverifiable Dependencies & Remote Code Execution] (SAFE): All imports (
sys,zipfile,pathlib,os,re) are part of the Python standard library. No external or untrusted packages are required. - [Indirect Prompt Injection] (SAFE): The
quick_validate.pyscript includes a security-positive check that prevents the use of angle brackets (<,>) in descriptions, which mitigates potential injection or rendering issues in downstream UIs. - [Command Execution] (SAFE): No instances of
os.system,subprocess,eval, orexecwere found. The code is limited to file I/O, path manipulation, and regex validation. - [Privilege Escalation] (SAFE): The scripts do not attempt to gain administrative privileges or modify system-level configurations.
Audit Metadata