narrative-cascade-planner

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill explicitly addresses the risk of indirect prompt injection by instructing the agent to treat all external inputs (scraped pages or pasted exports) as untrusted and to never follow instructions embedded within them.
  • [COMMAND_EXECUTION]: The skill references the use of local scripts (firecrawl.py and wayback.py) for data retrieval tasks. These are designated project connectors and do not involve arbitrary or unsafe command execution.
  • [DATA_EXPOSURE]: Data operations are confined to the local project's memory directory. External network interaction is limited to web scraping via defined connector scripts as part of the skill's core functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 04:16 PM
Security Audit — agent-trust-hub — narrative-cascade-planner