skill-creator-thepexcel
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill features an Enhancement Mode that requires reading and auditing existing skill files. This establishes a surface for indirect prompt injection where untrusted data from target skills is ingested into the agent context. Evidence: 1. Ingestion: Target skill files are read during the AUDIT phase. 2. Boundary Markers: No specific delimiters are used to isolate external skill content. 3. Capability Inventory: Includes local file write operations via init_skill.py. 4. Sanitization: Employs yaml.safe_load for parsing metadata.
- [COMMAND_EXECUTION]: The script init_skill.py manages local file system operations to set up new skill directories. It creates template files and applies execution permissions using chmod 755 on generated scripts to facilitate immediate use in development workflows.
- [DATA_EXPOSURE]: No sensitive data access or network-based exfiltration patterns were found. The documentation identifies typical local deployment directories and symlinking procedures for skill management.
Audit Metadata