skill-creator

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [Command Execution] (MEDIUM): Path Traversal vulnerability in initialization logic.
      • Evidence: In scripts/init_skill.py, the variable skill_path is constructed using os.path.join(squads_dir, name), where name is a raw command-line argument. A user could provide a relative path like ../../some-sensitive-dir to create directories and files outside of the intended squads/ directory.
  • [Data Exposure] (LOW): Hardcoded developer environment paths.
      • Evidence: Both scripts/add_config_awareness.py and scripts/add_mcp_awareness.py contain hardcoded absolute paths: /Users/yuranikolaev/Developer/antigravity/ag-skill-factory/squads. This leaks the developer's local username and file structure.
  • [Indirect Prompt Injection] (LOW): Susceptibility to injection via unvalidated template variables.
      • Ingestion points: scripts/init_skill.py accepts <skill-name> and populates SKILL.md templates.
      • Boundary markers: None.
      • Capability inventory: File writing, directory creation, and shell script generation.
      • Sanitization: No validation or escaping is performed on the name argument before it is used in path construction or string replacement within the skill template.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:37 PM