skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The SKILL.md body directs the agent to test created scripts by executing them. The initialization script also sets file execution bits via chmod. These actions are appropriate for the skill's purpose as a developer tool.
- [PROMPT_INJECTION]: The skill facilitates content generation from user inputs, creating an indirect injection surface. 1. Ingestion: User provides skill parameters and logic. 2. Boundaries: No explicit boundary markers in the generated files. 3. Capability: The skill involves writing files and executing scripts. 4. Sanitization: Validation is limited to metadata format checks using regex in the provided scripts.
Audit Metadata