create-agent-skill
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided input through the
$ARGUMENTSvariable and passes it directly to thecreate-agent-skillstool. This represents a functional surface for indirect prompt injection, as malicious instructions could be embedded in the user-provided description or requirements. However, this behavior is essential for the skill's primary purpose and no evidence of intentional bypass or malicious patterns was found in the skill's code. - Ingestion points:
$ARGUMENTSinSKILL.md. - Boundary markers: None detected.
- Capability inventory: Invokes the
create-agent-skillstool. - Sanitization: No explicit sanitization or delimiting of the input variable before passing it to the tool.
Audit Metadata