create-skill

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Flags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches configuration and instructions from Anthropic's official 'claude-plugins-official' and 'skills' repositories. These are verified trusted sources.
  • [COMMAND_EXECUTION]: Executes a local setup script (ensure_spec_repo.sh) to synchronize the Agent Skills Specification and utilizes claude install-skill to deploy the 'skill-creator' utility.
  • [PROMPT_INJECTION]: The research workflow (workflow-research.md) uses WebFetch to ingest content from the internet. This creates a surface for indirect prompt injection where malicious instructions on a webpage could influence the agent.
  • Ingestion points: references/workflow-research.md (WebFetch calls to arbitrary URLs found via search).
  • Boundary markers: Lacks explicit delimiters but includes strong instructions to prioritize official documentation and cite all sources.
  • Capability inventory: Writing to the filesystem (workflow-author.md), executing shell scripts (ensure_spec_repo.sh), and installing extensions (claude install-skill).
  • Sanitization: Mitigation depends on the multi-agent review process (workflow-review.md) and anti-hallucination constraints that require facts to trace back to cited documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 11:50 PM