skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a meta-tool for developing other skills. It includes local automation scripts (
init_skill.py,package_skill.py) that perform file system tasks required for the skill lifecycle. These scripts operate exclusively on local paths provided by the user. - [SAFE]: The packaging utility (
package_skill.py) implements security guardrails by verifying that files do not escape the skill root directory and by skipping symbolic links, which prevents potential Zip Slip or data leakage vulnerabilities during redistribution. - [SAFE]: Analysis of the markdown instructions and Python code reveals no evidence of prompt injection, data exfiltration, or obfuscated payloads. The logic is transparent and aligned with the skill's stated purpose.
Audit Metadata