skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional and provides a framework for generating skills for the z-schema project. It does not perform any sensitive system operations.
- [SAFE]: All file references, such as those to docs/usage.md or src/errors.ts, are local to the repository and do not involve external network calls or remote code downloads.
- [SAFE]: The skill does not contain any obfuscated instructions, hidden characters, or attempts to bypass LLM safety protocols.
- [PROMPT_INJECTION]: The skill has an Indirect Prompt Injection surface as it is designed to ingest user requirements and 'test prompts' to generate new content. (1) Ingestion points: User-provided intent, edge cases, and test scenarios (Steps 1, 2, and 5). (2) Boundary markers: Absent; instructions focus on content structure rather than instruction isolation. (3) Capability inventory: The agent is instructed to 'execute each test prompt' as part of the verification loop. (4) Sanitization: Absent; the workflow relies on agent reasoning and user review of the final output.
Audit Metadata