skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues were detected across the analyzed files. The scripts perform intended utility functions (validation and packaging) without risky behaviors.- [COMMAND_EXECUTION] (SAFE): The Python scripts perform standard file operations (reading, zipping) using absolute paths derived from the script location. No arbitrary command injection vectors were found.- [DATA_EXFILTRATION] (SAFE): There are no hardcoded credentials, sensitive file access (like SSH keys), or network-related code in any of the files.- [DYNAMIC_EXECUTION] (SAFE): The validation script correctly uses
yaml.safe_load()to parse YAML frontmatter, preventing potential code execution vulnerabilities associated with unsafe YAML loading.
Audit Metadata