Security risk report for @forgecat/anthropics_claude-plugins-official_skill-creator v0.0.4
Source Integrity
Low
Profile is sourced from Anthropic's official claude-plugins-official repository on GitHub.
Metadata clearly identifies author as Anthropic with transparent version tracking and commit hash.
Static scanner confirms safe classification.
Agent Intent
Low
Content describes legitimate skill-authoring workflows: creating, testing, and iterating on AI agent skills through evals and benchmarking.
No instructions to manipulate the AI, exfiltrate data, read credentials, or hide instructions.
Guidance on skill creation follows standard software engineering practices (testing, evaluation, iteration) without security-weakening directives.
Agent roles (Analyzer, Comparator, Grader) are designed to evaluate skill quality objectively, not to compromise system integrity.
Details
Evidence
SKILL.md describes transparent workflow: 'Decide what you want the skill to do → Write draft → Create test prompts → Evaluate results → Rewrite based on feedback → Repeat'.
Principle of Lack of Surprise section explicitly states: 'skills must not contain malware, exploit code, or any content that could compromise system security.'
Grader agent instructions emphasize verification and evidence-based judgment, not deception or hidden behavior.
Permissions
Low
No tool definitions or MCP servers are declared in this profile.
The profile is instructional documentation for a skill-creation workflow, not a skill that requests file system, shell, or network access.
Guidance emphasizes user control and transparency in skill design, not excessive or hidden authority.
Details
Evidence
Profile metadata shows 'tools: (none declared)' and 'MCP servers: (none)'.
Content focuses on how to design skills responsibly, not on requesting dangerous permissions for this profile itself.
MCP Risk
Low
No MCP servers are defined or referenced in this profile.
The profile is a meta-skill for authoring other skills, not a direct consumer of external services.
No hidden instructions in tool descriptions or arbitrary binary execution.
Details
Evidence
MCP servers section is empty: '(none)'.
Profile contains only markdown documentation and agent role descriptions, no executable binaries or external service integrations.