skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python utilities (init_skill.py, package_skill.py) that perform local file system operations such as directory creation, file writing, and ZIP archival as part of the skill creation workflow.\n- [SAFE]: No obfuscation, hardcoded credentials, or unauthorized network operations were detected in the skill assets or documentation.\n- [PROMPT_INJECTION]: The skill's instructions are focused on development guidance and do not contain sequences designed to bypass model safety filters or override system prompts.\n- [SAFE]: The skill includes an attack surface for processing untrusted data via its project initialization scripts.\n
- Ingestion points: Skill names and descriptions passed to scripts/init_skill.py.\n
- Boundary markers: Absent in generated templates.\n
- Capability inventory: Local file and directory management across included Python scripts.\n
- Sanitization: Name format validation and character filtering implemented in scripts/quick_validate.py.
Audit Metadata