skill-builder

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as its primary function involves processing content from untrusted external sources (websites, GitHub repositories, PDFs, and video transcripts).
      • Ingestion points: External data enters the agent context through tools such as scrape_docs, scrape_github, scrape_pdf, scrape_video, and scrape_codebase (SKILL.md).
      • Boundary markers: The skill definition does not include specific delimiters or instructions for the agent to ignore potentially malicious instructions embedded in the scraped content.
      • Capability inventory: The skill facilitates network operations (scrape_docs, upload_skill), local file access (scrape_codebase), and system workflows (install_skill, package_skill).
      • Sanitization: No explicit sanitization or validation of the retrieved content is defined in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 02:07 AM