skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill includes three bash scripts (
init-skill.sh,list-descriptions.sh,validate-skill.sh) used for automation. These scripts perform standard file operations (directory creation, file copying, and text parsing) using utilities likesed,awk, andgrep. All operations are restricted to the local environment and intended directory paths. - DATA_EXPOSURE (SAFE): The
validate-skill.shand03-update-patterns.mdfiles explicitly include logic to search for and replace potential sensitive data such as internal IP addresses (e.g., 192.168.x.x) and infrastructure IDs with placeholders, acting as a security linter. - PROMPT_INJECTION (SAFE): While the skill contains instructions and rules for the agent, these are meta-instructions for creating documentation and do not attempt to bypass core AI safety filters or override system prompts.
Audit Metadata