create-agent-skills
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to perform file system operations (e.g., `ls`, `cat`, `mkdir`, `chmod`) and interact with development utilities like `git` and `gh` to manage project state.
- [COMMAND_EXECUTION]: The skill utilizes Dynamic Context Injection syntax (e.g., `` !`gh pr diff` ``) to execute shell commands and inject their output directly into the prompt context at load time.
- [COMMAND_EXECUTION]: In `references/api-security.md`, the skill documents a bash pattern using `eval` for dynamic environment variable remapping (e.g., `eval echo \$${SERVICE_UPPER}_${PROFILE_UPPER}_API_KEY`). This technique can be vulnerable to command injection if the variables being evaluated (such as profile names) are derived from unsanitized user input.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing third-party libraries from official registries (PyPI and npm), including `pdfplumber`, `pypdf`, and `docx-js`, to extend agent capabilities.
- [REMOTE_CODE_EXECUTION]: Through workflows like `add-script.md`, the skill facilitates the automated creation and execution of local shell, Python, and Node.js scripts. While designed for reliability, this creates a surface where logic generated during the session is executed on the host system.
Audit Metadata