skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes local Python scripts (
init_skill.py,package_skill.py) designed to assist in the development lifecycle. These scripts perform routine file system operations such as directory creation, writing template files, and archiving content into zip files. - [SAFE]: Script generation logic in
init_skill.pysets file permissions to executable (0o755) for scaffolding purposes, which is standard for developer tools and confined to the user-specified project directory. - [SAFE]: The validation logic in
quick_validate.pyutilizesyaml.safe_load(), which is the industry-standard method for preventing unsafe deserialization vulnerabilities when processing YAML metadata. - [SAFE]: No patterns of prompt injection, data exfiltration, or obfuscation were identified. The skill does not perform any network requests or access sensitive system paths.
Audit Metadata