skill-laws
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the `mkdir` command to initialize directory structures for new skills (e.g., `.skills/{skill-name}/scripts`). These operations are limited to organizational tasks within the local environment.
- [DATA_EXPOSURE]: It employs `Read` and `Write` tools to manage skill files. Access is restricted to the skill's own directory hierarchy, and no sensitive system files or hardcoded credentials were identified.
- [PROMPT_INJECTION]: The skill processes external skill files during its optimization and evaluation modes, creating an indirect prompt injection surface. It analyzes these files to enforce structural compliance (e.g., checking for specific frontmatter fields and table formats). The ingestion point is the `Read` tool in `SKILL.md`, and while explicit boundary markers and sanitization for the content of processed skills are absent, the risk is mitigated by the skill's focus on structural rather than executable content. Capabilities involve `Write` and `SearchReplace` tools for correcting document formatting.
Audit Metadata