skill-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues were detected across the analyzed files. The provided Python scripts implement secure coding patterns for local file system tasks.
- [COMMAND_EXECUTION] (SAFE): The 'package_skill.py' and 'quick_validate.py' scripts use standard library modules (zipfile, pathlib, re) to perform their tasks. They do not execute arbitrary shell commands or access sensitive system resources.
- [REMOTE_CODE_EXECUTION] (SAFE): YAML parsing in 'quick_validate.py' is handled using 'yaml.safe_load()', which protects against unsafe deserialization and arbitrary code execution from malicious frontmatter content.
- [PROMPT_INJECTION] (SAFE): The documentation files ('output-patterns.md', 'workflows.md') contain instructional examples for developers. These do not contain any instructions aimed at overriding agent behavior, bypassing safety filters, or extracting system prompts.
Audit Metadata