make-skill
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a structural template and does not perform any direct network, file system, or privileged operations. It provides guidance on creating markdown files and uses standard instructions for agent behavior.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests user-provided workflow descriptions to generate new skill files. However, this behavior is central to its purpose as a generator and no evidence of malicious overrides or safety bypasses was found.
  - Ingestion points: Captured workflow details (name, description, steps, rules) in Phase 1 of SKILL.md.
  - Boundary markers: Absent; user inputs are directly translated into the structured phases of the generated skill.
  - Capability inventory: Generation of markdown files and instruction to call the /publish-skill tool.
  - Sanitization: None; the skill relies on the agent's logic to transform user input into the requested format.
Audit Metadata