make-skill-template
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Prompt Injection (MEDIUM): The skill possesses an indirect prompt injection surface (Category 8). It ingests untrusted user input to generate executable-like markdown files and directory structures.
- Ingestion points: User prompts triggered by phrases like "create a skill" or "make a new skill" serve as inputs for the generated content.
- Boundary markers: The template lacks explicit boundary markers or instructions to the agent to ignore potentially malicious instructions embedded within the user's request for a new skill.
- Capability inventory: The skill allows the agent to create directories and write content to
SKILL.mdfiles, which define the behavior of future agent interactions. - Sanitization: There is no evidence of sanitization or validation of the input strings before they are interpolated into the generated skill's frontmatter or body.
Audit Metadata