agent-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill contains phrases like 'CRITICAL: CLARIFY BEFORE CODING'. Analysis confirms these are operational safety guardrails (Stop & Ask protocol) meant to ensure the agent gathers necessary requirements from the user, not attempts to override the model's core safety filters.
- Indirect Prompt Injection (SAFE): The skill uses user input to generate agent documentation. 1. Ingestion points: User input defining the agent's goal and domain in Step 1. 2. Boundary markers: Structured Markdown headers in the assets/agent_template.md file help organize content, though explicit delimiters for user input are not specified. 3. Capability inventory: Mentions the 'Write' tool for saving files and 'Bash' for validation steps in the Quality Control Loop. 4. Sanitization: No explicit sanitization of user goals is performed, but as the output is a configuration markdown file for local agent setup, the risk of malicious payload execution is negligible.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive system paths are accessed. The skill writes to a dedicated directory (.agent/agents/) for configuration management.
- Remote Code Execution (SAFE): The skill provides a process and a template; it does not download, install, or execute any third-party packages or remote scripts.
Audit Metadata