cursor-skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains meta-instructions for creating other skills. No attempts to bypass safety filters or override system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): The skill mentions writing to the user's home directory (~/.cursor/skills/), which is the documented location for global Cursor skills. No network requests or sensitive data harvesting patterns were identified.
- [Remote Code Execution] (SAFE): The skill does not perform any remote downloads or execute external scripts. It is purely instructional.
- [Persistence Mechanisms] (SAFE): The skill facilitates the creation of persistent agent capabilities in standard directories (~/.cursor/skills/). This is the intended functionality for Cursor skills and does not represent a malicious backdoor.
- [Indirect Prompt Injection] (SAFE): This skill defines a workflow for processing user-provided descriptions to create new files. Ingestion points: User input during the skill creation process (SKILL.md). Boundary markers: Uses Markdown headers and YAML frontmatter as delimiters. Capability inventory: No code execution, network ops, or unsafe file-writes beyond the skill creation itself (SKILL.md). Sanitization: Relies on the agent's native generation logic.
Audit Metadata